Advertisement
|14 August, 2018

India's Cosmos Bank loses $13.5mln in cyber attack

The co-operative bank said unidentified hackers stole customer information through a malware attack on its ATM server

A man uses a traditional automated teller machine (ATM) in Bucharest May 17, 2013. Valentin Boanta is currently serving a five-year sentence for supplying gadgets to an organised crime gang used to conceal ATM skimmers. The 33-year-old proudly explains the device he has invented which, he says, could make the world's ATMs impregnable even to tech-savvy criminals like himself. Boanta says his "Secure Revolving System-SRS" can be installed in any ATM. It allows the bank card to be inserted longer side first and then rotates it to prevent skimmers being able to lock on to the magnetic data strip. The system returns the card to its user with a reverse rotation. To match story USA-CRIME/CYBERCRIME-ROMANIA REUTERS/Bogdan Cristel

A man uses a traditional automated teller machine (ATM) in Bucharest May 17, 2013. Valentin Boanta is currently serving a five-year sentence for supplying gadgets to an organised crime gang used to conceal ATM skimmers. The 33-year-old proudly explains the device he has invented which, he says, could make the world's ATMs impregnable even to tech-savvy criminals like himself. Boanta says his "Secure Revolving System-SRS" can be installed in any ATM. It allows the bank card to be inserted longer side first and then rotates it to prevent skimmers being able to lock on to the magnetic data strip. The system returns the card to its user with a reverse rotation. To match story USA-CRIME/CYBERCRIME-ROMANIA REUTERS/Bogdan Cristel

REUTERS/Bogdan Cristel

MUMBAI - Cyber criminals hacked the systems of India's Cosmos Bank and siphoned off nearly 944 million rupees ($13.5 million) through simultaneous withdrawals across 28 countries over the weekend, the bank has told police.

The co-operative bank said unidentified hackers stole customer information through a malware attack on its automated teller machine (ATM) server, withdrawing 805 million rupees in 14,849 transactions in just over two hours on Aug. 11, mainly overseas.

Apart from the ATM withdrawals, the hackers transferred 139 million rupees to a Hong Kong-based company's account by issuing three unauthorised transactions over the SWIFT global payments network, the bank said in a police complaint, a copy of which was seen by Reuters.

Advertisement

SWIFT, whose messaging system is used to transfer trillions of dollars a day, said it did not comment on individual cases.

Cosmos Bank, based in the western city of Pune, said in a press statement that its main banking software receives debit card payment requests via a "switching system" but it was bypassed in the attack.

"During the malware attack, a proxy switch was created and all the fraudulent payment approvals were passed by the proxy switching system," the bank said.

The bank declined to reveal the countries, citing security risks.

Police said they were investigating the theft.

A police official, who declined to be named, said they had enlisted the help of experts to find out how authorised transactions were conducted simultaneously in various countries.

India's City Union Bank Ltd reported in February that it had suffered three "fraudulent remittances" of nearly $2 million that had been pushed through the SWIFT financial platform.

In 2016, unknown hackers stole more than $81 million from the Bangladesh central bank's account with the Federal Reserve Bank Of New York. Investigators have made little progress in the case.

"While there is growing awareness to regularly update an organisation's cyber preparedness and defence mechanisms, a large number of institutions wake up to this reality only post an incident which often leads to a loss of reputation and/or financial misappropriation," said Nikhil Bedi, a partner with Deloitte India.

($1 = 69.8950 Indian rupees)

(Reporting by Rajendra Jadhav; Editing by Adrian Croft) ((rajendra.jadhav@thomsonreuters.com; +91-22-6180-7153 ; Reuters Messaging: rajendra.jadhav.thomsonreuters.com@reuters.net))