Just a few days before one of the biggest cyber-attacks in Pune, in which nearly Rs 95 crore was transferred by unidentified hackers from Cosmos cooperative bank into foreign-based bank accounts, the FBI had warned banks of a major hacking threat to cash machines worldwide.
According to Krebs On Security, a cyber-security blog run by journalist Brian Krebs, a confidential alert sent out by the America's Federal Bureau of Investigation, told international banks that criminals are plotting a concerted global malware attack on cash machines in the next few days.
It was also believed that smaller banks with less sophisticated security systems were thought to be most vulnerable to an attack. The scheme used, which is known as an ‘ATM cash-out,’ in which crooks hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours.
Today, a day after the FBI’s warning, news broke out that fraudulent transactions from Cosmos cooperative bank were carried out on August 11 and August 13 through 25 ATMs located in Canada, Hong Kong and a few in India. According to police, the hackers used malware to hack the bank system and transferred the amount with over 12,000 transactions in the span of three days. The cards of the cooperative bank customers that were cloned were of Visa and Rupay.
“While cloning the Visa and Rupay debit cards of bank account holders and using a "parallel" system to the National Payment Corporation of India (NPCI), the hackers self-approved the transactions and withdrew over Rs 94 crore on two to three occasions”, an official added.
"On August 11, the hackers cloned the card details and did over 12,000 transactions and transferred Rs 78 crore out of India. On the second instance, total 2,849 transactions were done in which Rs 2.5 crore was transferred within India," an FIR said. It also said that on August 13, hackers again transferred Rs 13.92 crore in a Hong Kong-based bank by using fraudulent swift transactions.