Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Indian Bank Loses $13.5m in Global Attack

An Indian bank has lost nearly 944m rupees ($13.5m) after hackers withdrew the funds from ATMs around the world and made other fraudulent SWIFT transfers.

Pune-headquartered Cosmos Bank claimed the attackers first stole customer information by installing malware on the firm’s ATM server, before conducting the globally co-ordinated withdrawals in 28 countries on August 11.

An alert from the FBI warned unnamed banks on Friday of an imminent “global Automated Teller Machine (ATM) cash-out scheme” but was unable to halt the sophisticated plot.

“Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities,” it noted. “The FBI expects the ubiquity of this activity to continue or possibly increase in the near future.”

The self-styled “leading co-operative bank in India” was also hit by three unauthorized transfers via SWIFT to a Hong Kong company’s account worth 139m rupees ($2m).

The lender claimed that the hackers managed to bypass the main switching system used for debit card payments.

“During the malware attack, a proxy switch was created and all the fraudulent payment approvals were passed by the proxy switching system,” it said in a press release seen by Reuters.

The case will bring to mind a series of high-profile raids on financial institutions over the past few years, many of them involving the SWIFT interbank transfer network.

Tamil Nadu-headquartered City Union Bank was targeted in February, when an alleged international group of hackers tried to make $2m worth of illegal transfers, although they only succeeded in getting half of that.

The run of attacks on lenders began with a major $81m raid on Bangladesh Bank back in 2016 which was subsequently blamed on the infamous North Korea-linked Lazarus Group.

What’s Hot on Infosecurity Magazine?