Hackers who tried to steal nearly $2 million from India’s City Union Bank this month used tactics similar to those employed in the unsolved cyber heist of $81 million from Bangladesh’s central bank in 2016, City’s CEO said on Monday.
The unknown hackers disabled the City printer connected to global payments platform SWIFT on Feb. 6, preventing the bank from receiving acknowledgement messages for three fraudulent payment instructions sent that evening until the next morning.
“Nobody suspected that it was an attack and thought it was a systemic network failure,” N. Kamakodi told Reuters by phone. “The system department people, everybody assembled, analyzed the problem, rebooted, they closed shop only around 10-10.30 in the night.”
The next morning, bank officials managed to reconcile the previous day’s transactions and found out “three transactions which were not originated from our bank.”
The bank had been able block only one of the transfers worth $500,000, while attempts were under way to retrieve the rest, he said. It first disclosed the heist on Saturday. (http://reut.rs/2ohQElt)
In the case of Bangladesh Bank, hackers infected the system with malware that disabled the SWIFT printer. Bank officials in Dhaka initially assumed there was simply a printer problem. (http://reut.rs/2jk1W74)
The hackers stole the money from Bangladesh Bank’s account at the Federal Reserve Bank of New York using fraudulent orders on SWIFT. The money was sent to accounts at Manila-based Rizal Commercial Banking Corp and then disappeared into the casino industry in the Philippines.
Nearly two years later, there is no word on who was responsible and Bangladesh Bank has been able to retrieve only about $15 million, mostly from a Manila junket operator.
“We definitely see similarities between the Bangladesh case, and the similarities are being factored into the investigation,” Kamakodi said.
City Union, a small private lender based in south India, said the three money transfer instructions were sent via correspondent banks to accounts in Dubai, Turkey and China.
He said SWIFT was helping it investigate the matter, and that the hack happened despite the bank adding new security measures days before.
“It’s a cat and mouse game,” he said.
SWIFT said it did not comment on individual customers or entities.
Russia’s central bank said last week that unknown hackers stole 339.5 million roubles ($6 million) in an attack via the SWIFT international payments messaging system in Russia last year. (http://reut.rs/2Gl0Hxu)
($1 = 56.4 roubles) (Reporting by Sudarshan Varadhan; editing by Krishna N. Das and Nick Macfie)
Related:
- India’s City Union Bank Hit by Cyber Heist via SWIFT Payments System
- Hackers Target SWIFT Payments System at Russia’s Globex Bank
- Russian-Speaking Hackers Steal $10M from U.S., Russia Banks: Cyber Security Firm
- Global Banks Face ‘Significant Evolution’ in Cyber Threat Level: SWIFT
- Nepal Bank Latest Victim in String of Global Cyber Heists
- SWIFT Official Warns Banks of Escalating, More Sophisticated Cyber Threats
- SWIFT Expects Cyber Attacks on Banks to Increase
- Malware Used to Steal $80M-Plus in Bangladesh Cyber Bank Heist: Officials
Was this article valuable?
Here are more articles you may enjoy.