IndusInd Bank

IndusInd Bank faced a severe cybersecurity incident in which a fake banking app, mimicking the bank's legitimate services, targeted Indian users. The app was loaded with malware that leveraged .NET MAUI to obfuscate malicious code and evade standard detection measures. Personal and banking data were compromised when users unknowingly submitted their sensitive information to the app. The hidden .NET MAUI payload carried out the theft and then transmitted the data to a command and control server operated by the attackers. This incident represents a sophisticated and targeted approach to financial cyber attacks, resulting in the compromise of customer trust and potentially financial assets.

Source: https://securityaffairs.com/175843/cyber-crime/android-malware-uses-net-maui-to-evade-detection.html

TPRM report: https://scoringcyber.rankiteo.com/company/indusind-bank

"id": "ind000032625",
"linkid": "indusind-bank",
"type": "Cyber Attack",
"date": "3/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Financial Services',
                        'location': 'India',
                        'name': 'IndusInd Bank',
                        'type': 'Bank'}],
 'attack_vector': 'Fake Mobile Application',
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': 'Yes',
                 'type_of_data_compromised': ['Personal Data', 'Banking Data']},
 'description': "A fake banking app, mimicking IndusInd Bank's legitimate "
                'services, targeted Indian users. The app was loaded with '
                'malware that leveraged .NET MAUI to obfuscate malicious code '
                'and evade standard detection measures. Personal and banking '
                'data were compromised when users unknowingly submitted their '
                'sensitive information to the app. The hidden .NET MAUI '
                'payload facilitated the theft, which subsequently transmitted '
                'the data to a command and control server operated by '
                'attackers.',
 'impact': {'brand_reputation_impact': 'Compromise of Customer Trust',
            'data_compromised': ['Personal Data', 'Banking Data']},
 'initial_access_broker': {'entry_point': 'Fake Mobile Application'},
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'root_causes': 'User Trust in Fake App'},
 'title': 'IndusInd Bank Fake App Cyber Attack',
 'type': 'Malware Attack',
 'vulnerability_exploited': 'User Trust in Fake App'}