Hackers siphon Rs 94 crore from Pune’s Cosmos Bank via ATMs in 28 countries
Pune: The banking sector was rattled again when hackers siphoned off a whopping Rs 94.42 crore from the Cosmos Cooperative Bank Ltd – the second oldest and second biggest cooperative bank in India – to foreign and domestic bank accounts, officials said on Tuesday.
Shockingly, the Cosmos Bank admitted that it was “cyber-attacked twice, first on Saturday and again on Monday” – with ATM withdrawals taking place in at least 28 countries, according to an FIR lodged by a senior official with Chaturshringi Police Station.
The police complaint said the first attack took place on August 11 between 3 p.m. and 10 p.m. and the second on August 13 around 11.30 a.m., affecting its headquarters on Ganeshkhind Road.
“We have appointed a professional forensic agency to investigate this malware attack. It will submit its report in the next few days regarding the modus operandi of this and the exact amounts involved,” Chairman Milind A. Kale told the media.
He said that normally, the Core Banking System (CBS) receives debit card payment requests via its ‘Switching System’. But during the Malware attack, a proxy switch was created and all the fraudulent payment approvals were passed through the proxy switching system.
On Saturday, around Rs 78 crore was withdrawn through ATMs located in 28 countries through 12,000 Visa Card transactions, Kale added. These were transferred out of the country, including bank accounts in Hong Kong.
Another amount of Rs 2.50 crore from 2,849 transactions was transferred within India, details of which were being investigated by the police.
The cyber attack came to light on Saturday when the bank noticed “unusual repeated transactions taking place through its Visa and Rupay Debit Card Payment System”, Kale said.
As soon as these suspicious transactions were reported, the bank reacted by clamping a shutdown on its Visa and Rupay debit card payment systems pending investigation.
A police officer said that during those hours, some unknown persons hacked into the ATM Switch (servers) at the bank’s headquarters and acquired the sensitive data of its Visa and RuPay debit card customers.
However, in a fresh attack on Monday (August 13), the hackers initiated SWIFT transactions and transferred Rs 13.92 crore to the accounts of a company, ALM Trading Ltd, with Hang Seng Bank, Hong Kong. The amounts were soon withdrawn from that bank.
Kale pointed out that since the Malware attack was on the Switch System which is operative for the payment gateway of Visa/Rupay debit cards and not on the Cosmos Bank’s CBS, “the customers’ accounts and their balances are not at all affected.
“None of the fraudulent transactions is debited to any customer accounts and will not be debited in future too. The Savings, Term Deposits and Recurring accounts of the depositors are totally safe,” Kale assured, urging customers not to panic.
He said the Bank’s servers and other systems were inspected annually by the RBI Audit and System Audit. The Cosmos Bank was ensuring all the measures for data security and this security system was fully operational.
Established in 1906, the Pune-headquartered Cosmos Bank is the second oldest and second biggest cooperative bank in the India, enjoying the status of a multi-state scheduled bank.