Pune August 16 2018: In what looks like an international heist, hackers have transferred over Rs 940 million in an attack on the server of the 112 year old Pune-based Cosmos Co-operative Bank . They cloned thousands of the bank’s debit cards over a period of two days between August 11 and 13.
They, did over 12,000 transactions and transferred Rs 780 million out of India in the first attack and 2,849 transactions to take Rs 250 million within India in the second attempt. Some 25 ATMs located in Canada, Hong Kong and a few in India were attacked. Visa and Rupay debit cards of the bank were cloned. The hackers using a “parallel” system to the National Payment Corporation of India (NPCI), self-approved the transactions, it is learnt.
Cosmos Bank chairman Milind Kale said the cooperative bank's core banking system was not affected and customers’ savings, term deposits, recurring accounts of all the stakeholders are fully safe
The bank has registered First Information Report at the Chatushringi police station in the city and a case was registered under sections 43, 65, 66(C) and 66 (D) of the Information Technology Act and relevant sections of the Indian Penal Code.
What was the method? Hackers breached the firewall in servers that authorize ATM transactions. A fake proxy server was then created and transactions authorized by the fake server. In effect ATMs were being directed to release money without checking whether the cards were genuine or whether there
Economic Times reports that the US Federal Bureau of Investigation had warned global banks that cyber criminals were planning a choreographed, global fraud known as an "ATM cash-out". An ATM cash-out refers to a highly orchestrated event where a bank or a card payment processor is compromised and the unauthorized access is misused to withdraw cash within hours.
International media had reported details of the FBI warning on Monday but by then Cosmos Bank had already been hit.
Cosmos Bank, established in 1906, is one of the oldest Urban Co-operative Banks in India. It celebrated its centenary on 18 January 2006. It is one of the first co-operative banks in the country to implement Core Banking System (CBS) across the entire network of its then 140 service outlets using Finacle-Infosys Core Banking Software. It also received an authorized dealer (AD) license from the Reserve Bank of India to become the third co-operative bank in India to have such a license in thirty years.The bank is headquartered in Pune in its Corporate Office - Cosmos Tower -- near on Ganeshkhind Road, Shivajinagar, Pune. It has 5 regional offices with 140 service outlets in India, spread across 7 states and in 39 major Indian cities.