Cyber Incident Victim: Reserve Bank of India

Date: Feb 2019

Location: India

Summary

The Reserve Bank of India alerted financial institutions about scammers exploiting the 'AnyDesk' mobile application to steal customer data through fraudulent Unified Payment Interface transactions. Fraudsters used the app to gain unauthorized access to mobile devices by requesting control permissions after installation, enabling them to compromise sensitive information. The central bank's cybersecurity unit issued the warning amid increasing incidents targeting digital payment systems, emphasizing risks posed by malicious actors manipulating remote-access tools to facilitate data theft from compromised devices.

Description

On February 14, 2019, the Reserve Bank of India (RBI) issued a formal alert through its cyber security and IT examination cell regarding a new fraud tactic targeting mobile device users. The central bank warned that malicious actors were exploiting a remote access application called 'AnyDesk' to steal sensitive data from smartphones. Fraudsters reportedly tricked customers into installing the application, which then requested standard permissions to access device controls. Once installed, the app enabled unauthorized parties to remotely manipulate compromised devices, though the RBI advisory did not specify the exact data types targeted or the scale of confirmed breaches. This incident occurred against a backdrop of increasing fraudulent activities involving India’s Unified Payment Interface (UPI) platform, a real-time payment system widely used for peer-to-peer and merchant transactions. The RBI’s notification emphasized the method’s novelty but did not disclose whether financial losses had already occurred or identify specific victim institutions.

The RBI directed its warning to all regulated banks and payment system operators, instructing them to remain vigilant against this emerging threat vector. While the advisory did not outline technical mitigation steps for end users, it served as an official acknowledgment of the tactic’s proliferation within the financial ecosystem. No details were provided regarding how the attacks were initially detected or whether law enforcement investigations were underway. The central bank’s communication focused solely on raising awareness about the misuse of legitimate remote access tools rather than condemning the AnyDesk application itself. This incident highlighted ongoing security challenges surrounding mobile-based payment platforms in India, particularly social engineering schemes that compromise device-level controls to facilitate unauthorized transactions or data exfiltration.
