Quick Heal has detected a serious security breach at Cosmos Bank’s website. As per the findings, their website has been compromised by RIG Exploit Kit, and as a result, all visitors to their website are being automatically infected by the infamous Cerber Ransomware.
And here is the most appalling fact: The website is still infected with the Exploit Kit, and if you are curious to open the website, we will strongly recommend that you don’t do it. Your system may get hacked by a dangerous ransomware.
Cosmos Bank’s Website Compromised, But No Action Taken?
Cosmos Bank was established in 1906. Headquartered in Pune, it is hailed as one of the oldest Urban Co-operative Banks in India.
However, when it comes to the security of their website, they have been ignorant, to say the least.
As per Quick Heal’s statements which we received, Cosmos Bank was informed about this security breach as of March 20, 2017. But there has been no action taken.
Quick Heal’s statement read: “Quick Heal has been constantly monitoring the website since 20th of March, 2017 and according to the latest findings (as we share this information), the Cosmos Bank website is still infected.”
Note here, that Cosmos Bank is not the creator of this virus attack, but a victim. However, once they are aware of this security breach, they should have taken some concrete action. Their reluctance to remove the Exploit Kit from their website is potentially putting their visitors at a grave security risk.
What Is RIG Exploit Kit, And How It Can Damage Your System?
An exploit kit is a software kit, whose only aim is to get settled inside web-servers, and then identify software vulnerabilities in those systems, which are trying to communicate with that web-server.
Once the communication between that infected web-server and the client system is established, the exploit kit can wreak havoc, all around. It can install any virus, ransomware or malware and then steal, destroy or modify the information present.
In Cosmos Bank’s case, the RIG Exploit Kit, which is residing on their website, is sending a dangerous virus called Cerber Ransomware into the systems of those visitors who are accessing the website.
Quick Heal discovered about this serious security breach while analysing telemetry information of their own users.
Sanjay Katkar, MD & CTO, Quick Heal Technologies said, “Ransomware remains a major and rapidly growing threat even in 2017. Quick Heal has been actively monitoring the threat landscape for new ransomware and their propagation techniques as well as the activities of the existing ransomware and has been capturing this data in its quarter and annual threat reports.”
As per Quick Heal, ransomware detection within Windows-based PCs have increased by 92% in the last one year, and around 14 new Windows ransomware were discovered in the last 12 months. Whereas Android-based mobile ransomware infection has increased by 450% between Q1 and Q4 of 2016.
We will keep you updated as we receive more information regarding this virus attack on an 111-year-old bank’s website.