Autorun virus in an HDFC bank ATM

PrK

Iaruglrer
Messages
255
Location
New Delhi
Went to a nearby HDFC ATM only to discover one out-of-service machine, with the other showing a prompt by one "Guardian antivirus" (an antivirus which until now I didn't know existed) detecting an Autorun.fla virus. (Pic attached, abysmal quality by my phone's cam *apologies* but can just make out what's written).

At least it detected that virus but who knows what all else is on there with no information about the brand's virus detection rates. HDFC bank cannot even afford a decent antivirus... I'm pretty sure a cracked version of the antivirus must be in use ROFL..! It may have been a false positive though, can't be sure.. the file was "00.scr" in the system32 folder.

An extremely serious breach of security imo.

This machine is situated at the Sector 11 market of Dwarka, New Delhi.
 

PrK

Iaruglrer
Messages
255
Location
New Delhi
Yeah this one... They could've just used MSE and not even spent the Rs.549 :grin: so now we even know what no-name antivirus they use on their ATMs..lol
 


neevarp

Regulars
Messages
1,501
Location
Trivandrum
Is there any provision to inform them about this? I skimmed through HDFC website and could not find anything to report such aspects (which gives me the jitters since HDFC is my primary banker)..
 

maniaco

Regulars
Messages
5,691
Location
Bengaluru
> Is there any provision to inform them about this? I skimmed through HDFC website and could not find anything to report such aspects (which gives me the jitters since HDFC is my primary banker)..
Send an email to [email protected], I usually get security/scam alerts from this mail ID.
 


PrK

Iaruglrer
Messages
255
Location
New Delhi
> I thought they (banks) were using Linux on their ATM machines.

Nope, afaik they all use Windows Server 2003 edition.

> Is there any provision to inform them about this? I skimmed through HDFC website and could not find anything to report such aspects (which gives me the jitters since HDFC is my primary banker)..

I did send them a mail on the email maniaco has provided.

One thing that's bugging me is how could the executable even find its way into the machine? Probably an infected pen drive used by one of the maintenance peeps. Really goes to show how grim the malware situation and awareness is among the population.

----------

Just saw this for the filename in question 00.SCR, Prevx :x
 

mehrotra.akash

Regular
Messages
915
> Nope afaik they all use windows server 2003 edition.


The SBI and ICICI ones in my college use XP

Have a video of an SBI one stuck in a reboot loop, and an ICICI one usually shows the taskbar
 