Hackers transferred over Rs 94 crores from a 112-year-old Pune-based Cosmos Co-operative Bank through a malware attack that was directed on the server of the bank and on its thousand’s of debit cards.
The attack was carried out for over multiple days in which about Rs 78 crore was withdrawn from more than 12,000 ATM transactions in 28 countries. While another 2,800 transactions of amount Rs 2.5 crore were made from different cities in India.
As per the reports, Rs 13.9 crore was transferred to foreign banks through SWIFT (Society for Worldwide Interbank Financial Telecommunication) transaction.
“A complaint has been filed with Pune police about the malware attack and the bank is doing internal audits to investigate the breach,” the official said.
According to the bank, their core banking system (CBS) was intact and the malware attacked the switch, which is responsible for payment gateways of Visa and Rupay debit cards, as all the credit cards which were used in the hack was of Rupay or Visa.
“The core banking system (CBS) of the bank receives debit card payment requests via ‘switching system’. During the malware attack, a proxy switch was created and all the fraudulent payment approvals were passed by the proxy switching system,” said the statement.
On August 11, the bank came to know about the suspicious transactions were taking place through their debit cards, and they immediately aborted all its credit card payment system in India as well as in foreign countries.
“None of the customers’ accounts were touched and it is the bank which has incurred the loss of this money,” the official said.
The Bank has said there is no need to panic as there have no fraudulent transactions from any of the customer’s account.
The statement underscored: “As it is a malware attack on the Switch which is operative for the payment gateway of VISA/RuPay debit cards and not on the CBS of the bank, the customers’ accounts and its balances are not at all affected.”
A professional forensic investigation team has been called up to look into the matter, and they will submit their report in the next few days regarding the modus operandi of the attack and the exact amount involved therein.