Pune-based Cosmos Bank's server hacked; US$13.5 mn siphoned off in 2 days

business August 15, 2018 13:59

By The Statesman
Asia News Network
New Delhi

2,809 Viewed

Hackers managed to transfer over US$13.5 million through a malware attack on the server of Pune-based Cosmos Bank and cloning thousands of the bank's debit cards over a period of two days, a senior bank official said.



The fraudulent transactions were carried out on August 11 and August 13 through 25 ATMs located in Canada, Hong Kong and a few in India.

The cards of the cooperative bank customers that were cloned were of Visa and Rupay.

"A complaint has been filed with Pune police about the malware attack and the bank is doing internal audits to investigate the breach," the official said.

The bank maintained that the core banking system (CBS) was not attacked and the malware attack was on the switch, which is operative for payment gateways of Visa and Rupay debit cards.

"None of the customers' accounts were touched and it is the bank which has incurred the loss of this money," the official said.

While cloning the Visa and Rupay debit cards of bank account holders and using a "parallel" system to the National Payment Corporation of India (NPCI), the hackers self-approved the transactions and withdrew over Rs 94 crore (US$13.5 million) on two to three occasions, the official added.

"It was Visa and Rupay who appraised about these fraudulent transactions to Reserve Bank," said the official.

Realising the cyber attack, the bank then registered an FIR with the Chatushringi police station.

As a precautionary measure, the bank has closed all its servers and net banking facilities, according to the official.

According to the FIR, the hackers used an unidentified malware to hack the system and clone card details of the bank customers.

"On August 11, the hackers cloned the card details and did over 12,000 transactions and transferred Rs 78 crore out of India. On the second instance, total 2,849 transactions were done in which Rs 2.5 crore was transferred within India," the FIR said.

It also said that on August 13, hackers again transferred Rs 13.92 crore in a Hong Kong-based bank by using fraudulent swift transactions.

A case has been registered under section 43, 65, 66(C) and 66 (D) of the Information Technology Act and relevant sections of Indian Penal Code.