Indian Bank Suffers Massive Hack And Loses Big Time
An Indian bank has suffered two massive hacks one after the other, resulting in the loss of Rs.94.42 crore. Cosmos bank, which is headquartered in Pune, in the Indian State of Maharashtra, has reportedly been targeted by cybercriminals between August 11 and August 13.
While the first attack was carried out via multiple ATM swipes in different countries, the second was a malware strike that initiated SWIFT (Society for Worldwide Interbank Financial Telecommunication) transfers.
The Indian Express reported, on Wednesday, August 15, 2018- “In possibly the first of its kind coordinated digital attack on an Indian bank, about Rs 94 crore was illegally withdrawn using cloned debit cards of Pune-based Cosmos Bank through thousands of ATM transactions across the globe within a period of seven hours on Saturday.”
The report further explains how the two attacks were carried out. It says, “About Rs 78 crore was withdrawn in more than 12,000 ATM transactions in 28 countries between 3 pm and 10 pm, India time, on Saturday, Cosmos Bank said. Another 2,800 transactions were made in different places within India, amounting to about Rs 2.5 crore, during the same period. On Monday, Rs 13.5 crore was transferred to a Hong Kong-based entity using the Society for Worldwide Interbank Telecommunications (SWIFT) facility.”
The Indian Express reports that according to the Bank’s chairman Milind Kale, it was a malware attack that might have made the illegal withdrawals possible. The malware attack would have authenticated the card transactions bypassing the bank’s computerized CBS (Core Banking System). He has also stated that there could have been an earlier cyberattack, which would have led to the hackers stealing data pertaining to debit cards of hundreds of customers. The data thus stolen would have been used to clone cards and these fake cards would have been used in the physical withdrawal of cash, which was done from different places across the globe.
The chairman, however, made it clear that accounts of the bank’s customers have not been affected and the customers won’t have to suffer any loss as well. The money, instead, has gone out from the bank’s corpus.
The Indian Express report further says, “Kale said the attack seemed to have originated in Canada and ATM transactions were carried out in 28 other countries which he refused to identify. He said the bank became aware of the attack when it noticed unusual and repeated transactions on its VISA and Rupay card payment systems. The bank immediately suspended its VISA and Rupay debit card payments to stop further damage, he said.”
As per reports, the CBS of the bank was not affected by the attacks, which didn’t impact the internet and mobile banking systems too. Internet and mobile banking, however, were temporarily suspended to pre-empt further attacks. The Bank has reported the matter to the police and the case was later transferred to the Cyber Crime and Economic Offences Wing of the city police.
In the meantime, the National Payments Council of India (NPCI), which is the umbrella organization for operating retail payments and settlement systems in India, has blamed Cosmos bank, citing that the issues with the bank’s IT environment had caused the hacks. It’s stated that the NPCI systems were absolutely secure.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.