Autorun virus in an HDFC bank ATM

Went to a nearby HDFC ATM only to discover one out of service machine, with the other showing a prompt by one "Guardian antivirus" (an antivirus which until now i didn't know existed) detecting an Autorun.fla virus. (Pic attached, abysmal quality by my phone's cam *apologies* but can just make out whats written).

At least it detected that virus but who knows what all else is on there with no information about the brand's virus detection rates. HDFC bank cannot even afford a decent antivirus...i'm pretty sure a cracked version of the antivirus must be in use ROFL..! It may have been a false positive though can't be sure.. the file was "00.scr" in the system32 folder.

An extremely serious breach of security imo.

This machine is situated at the Sector 11 market of Dwarka, New Delhi.

 

[Jignesh]

Guardian AV haha .. Dis one

Guardian Anti-Virus, Affordable Protection for your PC.

Can't imagine HDFC cannot even use some proper AV

 

[PrK]

Yeah this one... They could've just used MSE and not even spent the Rs.549 :grin: so now we even know what no name antivirus they use on their ATMs..lol

 

[neevarp]

Is there any provision to inform them about this? I skimmed through HDFC website and could not find anything to report such aspects (which gives me the jitters since HDFC is my primary banker)..

 

[jayant]

I thought they(banks) were using Linux on their ATM machines.

 

[Deleted member 7160]

Is there any provision to inform them about this? I skimmed through HDFC website and could not find anything to report such aspects (which gives me the jitters since HDFC is my primary banker)..
Send an email to info@hdfcbank.com, I usually get security/scam alerts from this mail ID.

 

---

[PrK]

I thought they(banks) were using Linux on their ATM machines.
Nope afaik they all use windows server 2003 edition.

Is there any provision to inform them about this? I skimmed through HDFC website and could not find anything to report such aspects (which gives me the jitters since HDFC is my primary banker)..
i did send them a mail on the email Deleted Member 7160 has provided.

one thing that's bugging me is how could the executable even find its way into the machine? probably an infected pen drive used by one of the maintenance peeps. really goes to show how grim the malware situation and awareness is among the population.

----------

just saw this for the filename in question 00.SCR, Prevx :x

 

[Deleted member 7160]

I remember reading somewhere that in Sep, there SQL database was hacked and it took 21 days for HDFC to fix it.

 

[PrK]

Nope that email id doesn't receive emails.

 

[mehrotra.akash]

Nope afaik they all use windows server 2003 edition.


The SBI and ICICI ones in my college use XP

Have a video of an SBI one stuck in a reboot loop, and an ICICI one usually shows the taskbar

 

[Deleted member 7160]

Seems like time for them to move to 2008 server.

 

[PrK]

The SBI and ICICI ones in my college use XP

Have a video of an SBI one stuck in a reboot loop, and an ICICI one usually shows the taskbar
yeah even i've seen such machines

I remember reading somewhere that in Sep, there SQL database was hacked and it took 21 days for HDFC to fix it.
that sucks..
Had to send them a mail via their complaint/feedback form...

 

[Deleted member 7160]

@prk let me find a mail ID tomorrow and provide you. Am sure I have seen some mail ID which takes care of Virus & other stuffs!

 

[PrK]

@prk let me find a mail ID tomorrow and provide you. Am sure I have seen some mail ID which takes care of Virus & other stuffs!
Alright thanks.. though i think they should respond to the mail sent through the form.