₹94 crore stolen as gang hacks Pune bank’s internal systems
PUNE: A multinational hacking ring allegedly stole ₹94 crore from the Pune-headquartered Cosmos Bank on August 11 and 13, mainly by gaining access to the bank’s systems.
The sophisticated attack seems to have involved a malware attack on the bank’s ATM server to gain credit and debit card details of customers; the approval of unauthorised transactions using these cards, often in excess of the amounts available for withdrawal in these accounts; and a SWIFT (a sort of money telegram between banks) transaction, again unauthorised, on the bank.
Cosmos Bank chairman Milind Kale described the cyber crime as an attack on the Indian banking industry from multinational cyber criminals operating from 22 nations.
Addressing a press conference on Tuesday, he said none of the fraudulent transactions have been debited to any of the customer’s accounts.
The Pune police commissioner K Venkatesham said experts from the Mumbai police and the local cyber crime investigation team have initiated investigations.
“We have sought more details, especially technical details of logs from the bank. We are in constant touch with our headquarters and briefing them about the case ,” he said.
An FIR was lodged against unidentified persons by a bank executive Suhas Subhash Gokhale (53) under Indian Penal Code (IPC) sections 379 (theft), 420 (cheating),120 (B) (conspiracy) and 34 and sections 43,65,66 (C) and 66 (D) of the Information Technology Act at Chatushringi Police Station on Monday night.
The attack may have originated from Canada, where many of the transactions were conducted, according to bank officials who asked not to be identified.
The FIR stated that during the malware attack, a proxy switch was created and all payment approvals were passed by the proxy switching system.
In the first attack on August 11, using stolen card details, approximately ₹78 crore was withdrawn in transactions in 28 countries.
This included around 12,000 Visa card transactions. On the same day, approximately, Rs 2.5 crore was withdrawn through 2,800 debit card transactions in India at various locations.
On August 13, the hackers transferred ₹3.94 crore into an account in the Hang Seng Bank in Hong Kong by initiating a SWIFT transaction.
The bank has appointed a professional forensic agency to investigate the malware attack.
The details of the exact amounts siphoned off during the attack will also be ascertained.
Kale said the bank has got forensic information which shows minute-by-minute record of logs of the transactions which took place around the world. The incident came to light on August 11 when unusual, repeated transactions were taking place through ATM Visa and Rupay cards for nearly 2 hours.
As soon as suspicious transactions were reported, the bank shut down its Visa and Rupay Debit card payment system.
The bank has described the cyber fraud as “a malware attack on the switch which is operative for the payment gateway of VISA and Rupay Debit Card and not on the core banking system of the bank”.
Still, the extent of the hack will become clear only after the forensic investigation is complete.