HDFC bank has rolled out a warning to all its users about an app that is used by fraudsters for stealing money called the AnyDesk app. Using this app, fraudsters could ask users to share a 9-digit code that would get them access to the phone for stealing money. HDFC Bank warned its internet banking users on how the app is used by fraudsters to steal customers money via unified payments interface (UPI).
In March, Reserve Bank of India had also issued a related advisory, mentioning that the AnyDesk app tends to ask for regular privacy permissions that can remotely acquire full access to your smartphone, which would allow fraudsters to remotely carry out banking transactions.
What's interesting is that the AnyDesk app is not malware but an actual app and AnyDesk is not the only app that needs to worry as there are other remote device control app, which can be used to do the same.
Similar to other remote device control apps, AnyDesk is basically a tool that is used by IT professionals to work on remote devices with having to be on-site, which means that users can use this tool or any remote device control app for working on a secured office system from home.
According to AnyDesk COO, Oldřich Müller, the AnyDesk app is used by millions of individuals along with 17,000 companies in around 165 countries and uses banking standard TLS 1.2 technology for protecting users computers and RSA 2048 asymmetric key exchange encryption for verifying every connection.
AnyDesk has apologised in an official statement. The company COO later explained on how users should be careful and avoid such scams.