Payment forensic investigator SISA has issued warning advisory to the banks and payment processors after discovering that hackers had managed to infuse malicious software into the payment switch server of an unnamed bank.
The firm also advised other banks to reset passwords of those employees who have access to payment servers and to use two-factor authentication for providing access.
“A malicious script (software code) has been injected into the payment switch application server — the hub which communicates with payment networks. This malicious software is capable of collecting payment card data (including card number, expiry date, CVV and other customer information),” said SISA.
It further said that the hacker can misuse the information to clone cards and conduct illegitimate transactions. The malicious software creates transactions by notifying fake responses to the payment network in respect of the card. The fake response affirms that no details of the next transaction request or outgoing transaction response are logged in the switch application logs.
SISA is the payment forensic investigator. It had earlier investigated the biggest banking breach in India history, last largest debit card breach last year.
“We have released this advisory in the interest of proactively securing the payment card industry based on recent findings by SISA PFI (Payment card industry Forensic Investigation) Lab,” said a company spokesperson.