Just days after an FBI warning of the prospect of a worldwide mass hacking plot that could have millions withdrawn from bank accounts, Hackers managed to steal $13 million from ATMs across 28 countries.
The cybercriminals infected cash machines of India based Cosmos Bank with malware, which allowed them to approve transactions and access client accounts, reports Yahoo News. Fake credit cards were used to drain the cash from the machines.
In a confidential alert issued last Friday, the FBI had warned American banks of an imminent “cashout” attack on cashpoints around the globe.
The agency was concerned of a highly choreographed fraud scheme known as an ATM “jackpotting,” essentially describing exactly what had happened to the ATMs of Cosmos Bank.
Roughly 12,000 transactions were made during the hack attack between 11 August and 13 August, according to Cosmos Bank chairman Milind Kale.
“In two days, hackers withdrew a total 780 million rupees ($11.1m) from various ATMs in 28 countries, including Canada, Hong Kong and a few ATMs in India, and another 25 million rupees ($356,000) were taken out within India,” he said.
The hacks continued into Monday with the attackers transferring 139.2 million rupees ($2m) to a Hong Kong-based bank by using the Bank’s compromised SWIFT international payments system.
Cosmos Bank said in a statement to Reuters that, “During the malware attack, a proxy switch was created and all the fraudulent payment approvals were passed by the proxy switching system.”
While it isn’t totally clear who was behind the hacks, some media outlets are questioning it was the North Korean linked Lazarus group who reportedly tried to transfer some $81 million from the central bank of Bangladesh.
Since the attack, Cosmos has told account holders that their money is safe and a professional forensic agency has been hired to investigate the attack.