Cosmos Bank fraudsters had data of card numbers from 2009

The investigators also believe that the data of a certain series of cards must have been breached, cloned and duplicated.

pune Updated: Aug 23, 2018 15:19 IST
Shalaka Shinde
Shalaka Shinde
Hindustan Times, Pune
Cosmos Bank,card numbers,series of cards
Cosmos Bank headquarters on Ganeshkhind road in Pune. (Sanket Wankhade/HT PHOTO)

The hackers who allegedly siphoned off over Rs 94 crore from multiple accounts of Cosmos Co-operative Bank had the data bank of card numbers from 2009, according to senior police officials investigating the case. The investigators also believe that the data of a certain series of cards must have been breached, cloned and duplicated.

"It happens in a way where a money-mule network is activated. In a decided time period, if you put any card - cloned in this case - your transaction will be validated. The data of a certain series of cards must have been breached and cards of that series must have been cloned and duplicated. They orchestrated the malfunction time within which they withdrew the money," said Brijesh Singh, special inspector general (cyber), Maharashtra, while explaining the possible modus operandi of the Cosmos Bank hackers.

Bringing in the suspected dark-web connection, Singh said, "On the dark net, if I say that I'm doing an ATM cash-up and people subscribe to it. The subscription charge is not much. People pay $10, $15 and subscribe to it. Then a (stolen/cloned) card number details are given to the subscriber and time is shared and then they tell you, this is the time, take the money out."

With 14,849 transaction and one transaction of Rs 13,92,00,000 - the bank lost a total of Rs 94,42,00,000. Of the 14,849 transaction 2,849 transactions were domestic and they resulted in dispalcement of Rs 2,50,00,000 while the remaining 12,000 transactions were from 28 other countries which cost the bank Rs 80,50,000.

Most of the domestic transactions are worth Rs 10,000 while the international transactions are the ones that are giving the police a difficult time.

In a way of recovery, Singh said, "various process including mutual legal assistance treaty (MLAT), letter rogatory process and all other processes are underway. It is a very large investigation."

Several private players, including Pune-based companies as well as internation companies, are helping the police in the investigation.

-The hackers had data bank of account numbers from 2009

-The malware helped the fraudsters keep all transactions in that time-frame - genuine or cloned - off he core banking solutions (CBS)

-Teams have been send to all concerned districts

-Money-mule network: people given card details and time slot in exchange of subscription fee

First Published: Aug 23, 2018 15:18 IST