15,000 transactions in 7 hrs: Cosmos Bank’s server hacked, ₹94 cr moved to Hong Kong | Latest News India - Hindustan Times
close_game
close_game

15,000 transactions in 7 hrs: Cosmos Bank’s server hacked, 94 cr moved to Hong Kong

Hindustan Times, Pune | ByNadeem Inamdar
Aug 14, 2018 09:34 PM IST

The servers of India’s second largest cooperative bank were hacked on August 11 and August 13. The cybercriminals carried out 15,000 transactions

A multinational hacking ring allegedly stole 94 crore from the Pune-headquartered Cosmos Bank on August 11 and 13, mainly by gaining access to the bank’s systems.

The servers of India’s second largest cooperative bank, Cosmos Bank. were hacked on August 11 and August 13. The cybercriminals carried out 15,000 transactions to siphon off <span class='webrupee'>₹</span>94 crore.(Bloomberg file photo)
The servers of India’s second largest cooperative bank, Cosmos Bank. were hacked on August 11 and August 13. The cybercriminals carried out 15,000 transactions to siphon off 94 crore.(Bloomberg file photo)

The sophisticated attack seems to have involved a malware attack on the bank’s ATM server to gain credit and debit card details of customers; the approval of unauthorised transactions using these cards, often in excess of the amounts available for withdrawal in these accounts; and a SWIFT (a sort of money telegram between banks) transaction, again unauthorised, on the bank.

3.6 Crore Indians visited in a single day choosing us as India's undisputed platform for General Election Results. Explore the latest updates here!

Cosmos Bank chairman Milind Kale described the cyber crime as an attack on the Indian banking industry from multinational cyber criminals operating from 22 nations. Addressing a press conference on Tuesday, he said none of the fraudulent transactions have been debited to any of the customer’s accounts.

The Pune police commissioner K Venkatesham said experts from the Mumbai police and the local cyber crime investigation team have initiated investigations.“We have sought more details, especially technical details of logs from the bank. We are in constant touch with our headquarters and briefing them about the case ,” he said.

An FIR was lodged against unidentified persons by a bank executive Suhas Subhash Gokhale (53) under Indian Penal Code (IPC) sections 379 (theft), 420 (cheating),120 (B) (conspiracy) and 34 and sections 43,65,66 (C) and 66 (D) of the Information Technology Act at Chatushringi Police Station on Monday night.

The attack may have originated from Canada, where many of the transactions were conducted, according to bank officials who asked not to be identified.

The FIR stated that during the malware attack, a proxy switch was created and all payment approvals were passed by the proxy switching system.

In the first attack on August 11, using stolen card details, approximately 78 crore was withdrawn in transactions in 28 countries. This included around 12,000 Visa card transactions. On the same day, approximately, 2.5 crore was withdrawn through 2,800 debit card transactions in India at various locations.

On August 13, the hackers transferred 13.94 crore into an account in the Hang Seng Bank in Hong Kong by initiating a SWIFT transaction.

The bank has appointed a professional forensic agency to investigate the malware attack.The details of the exact amounts siphoned off during the attack will also be ascertained.

Kale said that the bank has obtained forensic information which shows minute-by-minute record of logs of the transactions which took place around the world.

The incident came to light on August 11, Saturday, when unusual, repeated transactions were taking place through ATM Visa and Rupay cards for nearly two hours.

As soon as the suspicious transactions were reported, the bank immediately shut down its Visa and Rupay Debit card payment system.

The bank has described the cyber fraud as “a malware attack on the switch which is operative for the payment gateway of VISA and Rupay Debit Card and not on the core banking system of the bank”. Still, the extent of the hack will become clear only after the forensic investigation is complete.

Kale said savings, term deposits and recurring accounts of depositors are totally safe and also claimed the bank had met every safety requirement of the Reserve bank of India. The bank has appealed to its customers to remain calm and not to panic and continue to repose faith and trust on the 112 year old bank.

Get World Cup ready with Crickit! From live scores to match stats, catch all the action here. Explore now!

See more

Get Current Updates on India News, Elections Result,Election Results 2024 Live, Weather Today along with Latest News and Top Headlines from India and around the world.

SHARE THIS ARTICLE ON
Share this article
SHARE
Story Saved
Live Score
OPEN APP
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Sunday, June 09, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On