Indian Cosmos Bank Malware Attack Ends with Theft of $13.5 Million

Cosmos Bank, known as India’s second-largest cooperative bank, has been breached by hackers, and a total of 940 million rupees, or $13.5 million, were stolen. More specifically, attackers stole customer details via a malware attack on the bank’s ATM servers, and succeeded in transferring money to a Hong Kong-based company’s account.

The hack is still under investigation, and the exact time of the intrusion hasn’t been specified yet. However, representatives of the bank have said that the attack on the bank’s accounts happened in three stages, in the range of three days.

More about the Attack on Cosmos Bank

Cosmos bank said unidentified hackers stole customer information through a malware attack on its automated teller machine (ATM) server, withdrawing 805 million rupees in 14,849 transactions in just over two hours on Aug. 11, mainly overseas, Reuters recently reported.

In addition to the ATM attack, the hacking group also transferred 139 million rupees to a Hong Kong-based company’s account by issuing three unauthorised transactions over the SWIFT global payments network.

Cosmos Bank, which is based in the western city of Pune, officially stated that its main banking software receives debit card payment requests via a “switching system”. Unfortunately, the system was bypassed in the attack. “During the malware attack, a proxy switch was created and all the fraudulent payment approvals were passed by the proxy switching system,” the statement said.

Three Stages of the Attack

As mentioned in the beginning, the attack on Cosmos bank unfolded in three stages.

The first stage involves 12,000 withdrawals via the VISA card system which led to the theft of 780 million rupees ($11 million). Most of these transactions happened mainly overseas. The bank, however, hasn’t specified where exactly.

The second wave of the attack was initiated two hours later when cybercriminals (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | authored by Milena Dimitrova. Read the original post at: