Cyber criminals stole nearly $13.5 million (944 million rupees) from India’s Cosmos Bank through simultaneous withdrawals across 28 countries over the weekend.
By using a malware attack on the bank’s ATM server, hackers stole customer information and withdrew 805 million rupees in 14,849 transactions in just over two hours on August 11, mostly overseas, reports Reuters.
Apart from the ATM withdrawals, the hackers transferred 139 million rupees to a Hong Kong-based company’s account.
Earlier this week, the FBI was alerting banks that cybercriminals are preparing a coordinated “ATM cash-out” fraud scheme, which could result in millions of dollars being stolen from ATMS around the world in a number of hours, according to security blog Krebs on Security.
According to the FBI alert: “Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities. The FBI expects the ubiquity of this activity to continue or possibly increase in the near future.”
The FBI urged banks to review how they’re handling security, including password requirements and multi-factor authentication for local administrators and business-critical roles.