[BreachExchange] India's Cosmos Bank loses $13.5 mln in cyber attack

Destry Winant destry at riskbasedsecurity.com
Fri Aug 17 09:26:20 EDT 2018


https://www.reuters.com/article/cyber-heist-india/indias-cosmos-bank-loses-135-mln-in-cyber-attack-idUSL4N1V551G

MUMBAI, Aug 14 (Reuters) - Cyber criminals hacked the systems of
India’s Cosmos Bank and siphoned off nearly 944 million rupees ($13.5
million) through simultaneous withdrawals across 28 countries over the
weekend, the bank has told police.

The co-operative bank said unidentified hackers stole customer
information through a malware attack on its automated teller machine
(ATM) server, withdrawing 805 million rupees in 14,849 transactions in
just over two hours on Aug. 11, mainly overseas.

Apart from the ATM withdrawals, the hackers transferred 139 million
rupees to a Hong Kong-based company’s account by issuing three
unauthorised transactions over the SWIFT global payments network, the
bank said in a police complaint, a copy of which was seen by Reuters.

SWIFT, whose messaging system is used to transfer trillions of dollars
a day, said it did not comment on individual cases.

Cosmos Bank, based in the western city of Pune, said in a press
statement that its main banking software receives debit card payment
requests via a “switching system” but it was bypassed in the attack.

“During the malware attack, a proxy switch was created and all the
fraudulent payment approvals were passed by the proxy switching
system,” the bank said.

The bank declined to reveal the countries, citing security risks.

Police said they were investigating the theft.

A police official, who declined to be named, said they had enlisted
the help of experts to find out how authorised transactions were
conducted simultaneously in various countries.

India’s City Union Bank Ltd reported in February that it had suffered
three “fraudulent remittances” of nearly $2 million that had been
pushed through the SWIFT financial platform.

In 2016, unknown hackers stole more than $81 million from the
Bangladesh central bank’s account with the Federal Reserve Bank of New
York. Investigators have made little progress in the case.

“While there is growing awareness to regularly update an
organisation’s cyber preparedness and defence mechanisms, a large
number of institutions wake up to this reality only post an incident
which often leads to a loss of reputation and/or financial
misappropriation,” said Nikhil Bedi, a partner with Deloitte India.

