Rs 94 crore Cosmos Bank theft: Hackers’ first attempt failed, went unnoticed

Around 2,890 transactions were made in India, totally amounting to Rs 2.5 crore using RuPay cards.
A multinational hacking ring siphoned off ~94.42 crore from the pool account of Pune-based Cosmos Bank.(Sanket Wankhade/HT file)
A multinational hacking ring siphoned off ~94.42 crore from the pool account of Pune-based Cosmos Bank.(Sanket Wankhade/HT file)
Updated on Aug 26, 2018 09:04 AM IST
Copy Link
Hindustan Times, Mumbai | ByVijay Kumar Yadav

The investigation into the Cosmos Bank malware attack in Pune, which led to the siphoning of Rs 94.42 crore, has revealed that hackers had failed in their first attempt to hack into the international money transfer system. However, this had gone unnoticed, said sources in the police department.

A suspected international hacking ring siphoned nearly Rs 94.42 crore from the pool account of Cosmos Bank on August 11 and 13 through a malware attack. It was carried out in three ways. Rs 78.5 crore was withdrawn from more than 12,000 automated teller machines (ATM) in 28 countries using VISA cards. Around 2,890 transactions were made in India, totally amounting to Rs 2.5 crore using RuPay cards. More than Rs 13 crore was transferred to a Hong Kong-based trading firm through Society for Worldwide Interbank Telecommunications (SWIFT) System — which is used for international money transactions — on August 13.

A senior IPS officer said according to preliminary investigation, the accused’s first attempt failed as they had entered incorrect inputs in the international money transfer system. “They then hacked into [Cosmos] bank’s system, obtained the system’s correct identification number, and then re-entered into the money transfer system,” said a senior IPS officer. “Since they impersonated the bank using a proxy by malware attack, the system processed it and more than Rs 13 crore was transferred abroad,” the officer said.

Cosmos Bank did not get any alert from the core banking system (CBS). It was VISA and SWIFT who alerted the bank about the suspicious transactions, after which the police were informed on August 13. “The vigilance mechanism failed to detect the infiltration because numerous transactions take place almost every minute, making it tough to identify any proxy or suspicious transaction,” the officer said.

Cosmos Bank chairman Milind Kale said he was not aware of the probe findings. “I won’t be able to comment on the development. Why the system could not detect any unauthorised activity can only be ascertained after forensic audit.”

Cosmos Bank has called it an attack on the Indian banking industry from an international hacking syndicate operating from 22 countries. A special investigation team (SIT) of Pune police, headed by deputy commissioner of police Jyoti Priya Singh and monitored by inspector general of police (state cyber police) Brijesh Singh, is carrying out a multi-dimensional investigation meanwhile. Regarding the cloning of cards to make transactions, an official said to clone cards, one must steal the data of account holders, and then clone the cards to withdraw money. “It’s obvious that card details of the customers were not stolen the same day. We are awaiting an audit report to ascertain when exactly the databank was compromised,” he said.

Moreover, the accused had increased the withdrawal limit to enable them to withdraw maximum money. However, even genuine customers had withdrawn money during this time. The police have segregated the 2,890 transactions (made in Beed Kolhapur, Mumbai, Mumbra and other parts of India) into genuine and fraudulent transactions. “Once a fraudulent transaction is identified, we will go and check the CCTV footage of the ATM to identify the accused,” said another officer.

The police have sent letters to banks across countries to obtain information on fraudulent transactions and are also in the process of getting Letter Rogatory (LRs) issued to the authorities in those countries. “We have also sent emails to Hang Seng Bank in Hong Kong to obtain details on the fraudulent transaction made to the account of ALM Trading Limited,” said a senior officer.

Close Story

Less time to read?

Try Quickreads

  • Dr Neeraj Pathak was found dead at his residence on May 1. (File photo)

    60-yr-old woman who killed husband by giving electric shocks imprisoned for life

    A 60-year-old assistant professor was sentenced to life imprisonment for killing His wife Mamta's husband, a retired doctor, by inflicting electric shocks. Police arrested professor of chemistry Mamta Pathak for killing her husband Dr Neeraj Pathak, 63, by giving him sleeping pills and inflicting electric shocks on him on May 2, 2021. When police interrogated Mamta, she confessed to the crime.

  • The resolution passed by the Punjab assembly on Thursday said any decision to change the character of Panjab University won’t be acceptable to the people of the state and, therefore, any such proposal should be dropped with immediate effect. (HT file photo)

    Punjab passes resolution against making Panjab University a central varsity

    The Punjab Vidhan Sabha on Thursday passed a resolution against the attempt to change the status of Panjab University into a central university, while strongly urging the Centre not to consider against any change in the nature and character of the institution. All members, except those from the Bharatiya Janata Party, supported the resolution. The resolution was moved by higher education minister Gurmeet Singh Meet Hayer.

  • Fire brigade personnel try to douse the fire at Hathua market in Patna on Thursday. (HT Photo/ Santosh Kumar)

    Bihar: 15 garment shops gutted in Hathua market due to lightning

    At least 15 garment shops were gutted after a major fire broke out on Thursday morning at Hathua, one of the oldest markets in Patna. Property worth crores of rupees were destroyed in the fire, believed to have been caused by lightning. A shopkeeper at the site said the fire broke out around 3:30am. No casualties have been reported so far, and the cause of the fire is yet to be ascertained.

  • Protesters holding a demonstration against the Agnipath recruitment scheme in Amritsar on Thursday. (Sameer Sehgal/HT)

    Punjab assembly passes resolution against Centre’s Agnipath scheme

    The Punjab Vidhan Sabha on Thursday passed a resolution against the Centre's Agnipath defence recruitment scheme. Two BJP legislators Ashwani Sharma and Jangi Lal Mahajan, however, opposed the resolution. The resolution was moved in the House by chief minister Bhagwant Mann. Mann said the scheme had been declared unilaterally and led to nationwide protests and opposition. Shiromani Akali Dal MLA Manpreet Singh Ayali also supported the resolution and demanded the scheme's rollback.

  • Lord Shiva devotees, kanwariyas, undertake an ardous trek from Haridwar on the first day of Shravan month to shrines in their localities. (HT File Photo)

    Kanwar Yatra: Shiva devotees set to start annual trek from July 14

    Uttar Pradesh is preparing for the Kanwar Yatra from July 14, the annual pilgrimage wherein Lord Shiva devotees travel on foot to fetch holy water of the Ganga from Uttarakhand's Haridwar to shrines in their localities, people familiar with the matter said.

Story Saved
Saved Articles
My Reads
Sign out
New Delhi 0C
Thursday, June 30, 2022