A security researcher could have stolen as much as from one of India’s biggest banks. The bank’s mobile application lacks Certificate Pinning, allowing man-in-the-middle attackers to downgrade SSL connection and capture requests in plain text using fraudulently issued certificates. White hat hacker Prakash immediately reached out to the bank and alerted it about the critical issues in its mobile app and helped the bank fix them, instead of taking advantage of the security holes to steal money from the bank that has about 25 Billion USD in Deposits.
Source: https://thehackernews.com/2016/05/indian-bank-hacking.html