You might be exposed to cyber hacking activities if you are using The Indian Overseas Bank App, finds Appvigil
This vulnerability will become really dangerous for IOB android app users if a fully permitted malware performs this attack on the app in the same device and steals users’ netbanking usernames & passwords.
About the vulnerability
Java script injected in activity: com.iob_phone.ui.IOBProductDetailActivitywith injection String: document.getElementsByTagName(‘body’).setAttribute(‘style’, ‘background-color: red’);
Severity and Impact
In today’s agile development environment, about 70-80% of all android apps are hackable, as developers focus more on productivity and innovation, pushing their security concerns backstage. With the amount of information, the android apps ask for and consume, it is only logical that these applications appear as a very lucrative and attractive target for hackers. This is where Appvigil comes in.
Appvigil provides an automated test framework for android developers to scan and test their android applications against state of the art security vulnerabilities. The developers can use Appvigil to scan their application executables for a detailed report containing the type of vulnerability, exact location of the security concern in the application and references/guide to patch up the security issues in their android apps.
Wegilant is an emerging cloud based mobile app security company. Their flagship product is Appvigil, which is a cloud based android app security scanner. Appvigil looks for security vulnerabilities and loopholes in android apps and helps you identify whether an android app is hackable or not. Wegilant is incubated in Society for innovation and entrepreneurship (SINE), IIT Bombay. Wegilant is one the Top 10 Emerging Software Product Centric Companies for F. Y. 2014 as per NASSCOM.