An Indian bank has claimed that a global network of cyber-criminals attempted to transfer nearly $2m in fraudulent remittances to accounts around the world.
The CEO of Tamil Nadu-headquartered City Union Bank, N. Kamakodi, said over the weekend that the attackers infiltrated the lender’s systems before making the unauthorized transfers.
Staff involvement is not suspected, meaning the hackers are likely to have interfered with the bank’s internal payment processes to achieve their ends.
“This is basically a cyber-attack by international cyber-criminals,” he told Reuters. “We are very clear now the account holders are part of this conspiracy.”
City Union was apparently able to block a $500,000 transfer sent through a Standard Chartered bank account in New York to a Dubai bank.
Another remittance, again sent via a Standard Chartered account but this time based in Frankfurt, was blocked by a Turkish lender from reaching its recipient. That one was valued at €300,000 ($372,150).
However, a third transfer of $1m sent via a Bank of America account in New York to Zhejiang Rural Credit Cooperative Union in Hangzhou, China, appears to have succeeded.
The remittances were sent via the popular Swift platform, which was notoriously abused by suspected North Korean hackers to pull-off an audacious $81m cyber-heist at the Bangladesh Bank back in 2016.
Since then, countless banks have been attacked in a similar manner, including Russian state bank Globex, and financial institutions in Vietnam and Ecuador.
Just last week, Russia’s central bank claimed an unnamed lender in the country had suffered a $6m loss after an attack exploited the Swift transfer system.
Trend Micro has warned that such “business process compromise” attacks are on the rise, claiming that although they require more preparatory work and high-level of sophistication, the rewards are potentially very high.