- Joined
- Jun 13, 2020
- Messages
- 6,488
- Reaction score
- 890
- Points
- 212
- Awards
- 2
How bank card cloning has replenished North Korea’s budget by millions of dollars.
A few years ago, a cyber incident, quite interesting in terms of absurdity, occurred in India, the details of which were recently disclosed. Some intruders tricked a group of men into becoming involuntary participants in a large bank robbery. Unknown offered buddies small roles in the Bollywood film. However, as it turned out later, this « film » would never have reached large screens.
On one of the quiet Saturdays, employees of the head office of Cosmos Bank, based in. Pune, began receiving a series of disturbing messages from Visa. The largest payment operator warned bank employees that it would find thousands of requests to withdraw large amounts from Visa Cosmos cards at ATMs around the world. However, when bank employees checked their own systems, they could not find any evidence of abnormal transactions.
About half an hour later, the bank management decided to play it safe and allowed Visa to suspend all transactions with Cosmos cards. Unfortunately, this delay ultimately cost the bank extremely expensive. When Visa sent a complete list of suspicious transactions, Cosmos bank management was simply stunned. It turns out that the attackers were a total of about $ 14 million from Cosmos accounts. Of course, the regional governors in this case were not at all customers of the bank. They only used the card issued to them, and then returned the cash to the ATM and transferred it to the accounts of intruders.
Indian investigators were able to arrest 18 suspects after analyzing recordings from surveillance cameras in areas located near ATMs. The suspects were recruited as extras for a Bollywood film, but were used as participants in the robbery.
As it turned out later, in fact there were much more participants in the robbery. The criminals managed to withdraw cash from hundreds of ATMs in 28 different countries of the world, including the United States, Britain and Russia. Moreover, he took the whole process for a little more than 2 hours. As you can see, even Visa did not immediately detect abnormal activity.
This operation is associated with the North Korean group of Lazarus hackers, which previously carried out similar attacks. How did Lazarus manage to crank up this operation? Hackers reportedly used a method called « jackpotting » to steal money. They were also helped in the attack by accomplices who manufactured hundreds of fake Cosmos bank cards, which are an exact copy of existing and existing cards. During a coordinated attack, attackers managed to simultaneously enter the same bank accounts from different ATMs and withdraw as many funds as these accounts were not in principle.
North Korea has repeatedly denied any involvement in robberies or other hacker schemes. However, even according to rough estimates, the DPRK has up to 7,000 trained hackers, who are often sent to work abroad. According to sources close to the government, these cyber units carry out massive cyber attacks, working in close dormitories around the world and having only a computer and the Internet in their arsenal.
A few years ago, a cyber incident, quite interesting in terms of absurdity, occurred in India, the details of which were recently disclosed. Some intruders tricked a group of men into becoming involuntary participants in a large bank robbery. Unknown offered buddies small roles in the Bollywood film. However, as it turned out later, this « film » would never have reached large screens.
On one of the quiet Saturdays, employees of the head office of Cosmos Bank, based in. Pune, began receiving a series of disturbing messages from Visa. The largest payment operator warned bank employees that it would find thousands of requests to withdraw large amounts from Visa Cosmos cards at ATMs around the world. However, when bank employees checked their own systems, they could not find any evidence of abnormal transactions.
About half an hour later, the bank management decided to play it safe and allowed Visa to suspend all transactions with Cosmos cards. Unfortunately, this delay ultimately cost the bank extremely expensive. When Visa sent a complete list of suspicious transactions, Cosmos bank management was simply stunned. It turns out that the attackers were a total of about $ 14 million from Cosmos accounts. Of course, the regional governors in this case were not at all customers of the bank. They only used the card issued to them, and then returned the cash to the ATM and transferred it to the accounts of intruders.
Indian investigators were able to arrest 18 suspects after analyzing recordings from surveillance cameras in areas located near ATMs. The suspects were recruited as extras for a Bollywood film, but were used as participants in the robbery.
As it turned out later, in fact there were much more participants in the robbery. The criminals managed to withdraw cash from hundreds of ATMs in 28 different countries of the world, including the United States, Britain and Russia. Moreover, he took the whole process for a little more than 2 hours. As you can see, even Visa did not immediately detect abnormal activity.
This operation is associated with the North Korean group of Lazarus hackers, which previously carried out similar attacks. How did Lazarus manage to crank up this operation? Hackers reportedly used a method called « jackpotting » to steal money. They were also helped in the attack by accomplices who manufactured hundreds of fake Cosmos bank cards, which are an exact copy of existing and existing cards. During a coordinated attack, attackers managed to simultaneously enter the same bank accounts from different ATMs and withdraw as many funds as these accounts were not in principle.
North Korea has repeatedly denied any involvement in robberies or other hacker schemes. However, even according to rough estimates, the DPRK has up to 7,000 trained hackers, who are often sent to work abroad. According to sources close to the government, these cyber units carry out massive cyber attacks, working in close dormitories around the world and having only a computer and the Internet in their arsenal.