Hackers Clone Debit Cards From India Bank

India’s Cosmos Bank was the target of an attack in which hackers were able to transfer more than Rs 94 crore via a malware attack, reported The Economic Times.

According to the report, citing a senior bank official, the hackers used a malware attack to clone thousands of the bank’s debit cards over the course of two days. The fraud was carried out on Aug. 11 and Aug. 12 via 25 ATMs that were located in Canada, Hong Kong and India.

“A complaint has been filed with Pune police about the malware attack, and the bank is doing internal audits to investigate the breach,” the official said.

Cosmos Bank said its core banking system was not hacked and that the malware was on the switch. “None of the customers’ accounts were touched, and it is the bank that has incurred the loss of this money,” the official said.

The cloned cards were Visa and RuPay debit cards of bank account holders that used the National Payments Corporation of India (NPCI) system, noted the report. Cosmos Bank has closed all its servers and net banking facilities as a precautionary measure, said the official.

The hack comes as the FBI in the U.S. is warning banks and merchants that cybercriminals are gearing up to launch a choreographed global scam, known as the “ATM cashout,” in which the bad guys hack a bank or payment card processor to make cloned cards that they can use to withdraw money from ATMs around the globe. According to a Krebs on Security report, citing a confidential alert the FBI sent to banks late last week, millions of dollars can be stolen in only a few hours.

“The FBI has obtained unspecified reporting, indicating cybercriminals are planning to conduct a global Automated Teller Machine (ATM) cashout scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation,’” the letter read, according to the report. According to the FBI, the bank or payment processor is compromised with malware to access bank customer card information and exploit network access, enabling funds to be taken from ATMs.