UPDATED 18:57 EST / MAY 10 2016

NEWS

Multiple banks struck by Turkish hackers

More banks are under cyber attack, with five South Asian banks suffering a data breach. Turkish hacking group Bozkurtlar (translated to “Grey Wolves”) has taken credit for the attack, following its recent attacks on the Qatar National Bank and UAE’s InvestBank.

The new victims, according to Data Breach Today, are located in Bangladesh and Nepal. From Bangladesh, there’s the Dutch Bangla Bank, The City Bank, and Trust Bank. From Nepal, the hackers targeted Business Universal Development Bank and Sanima Bank.

What was taken

The stolen files contain less overall data than the ones from the Qatar National Bank or InvestBank attacks, ranging between 251 megabytes and a mere 95 kilobytes. However, all of them contain at least some customer information or account credentials. Additionally, the data does appear to be old, with the most recent data being from August 2015.

Bozkurtlar has posted links to the files on its Twitter account, so countless cyber criminals could have accessed them by this point. Within the data, one can find records of banking transactions, usernames and passwords, user ID, email, birth dates, ages of parents, mailing addresses and contact numbers – all information that can be used for identity theft. Fortunately, no credit card numbers were stolen.

Analysis indicates that the hack was probably made possible through a webshell upload – a piece of code uploaded to the server that gives attackers administrative privileges to control the system.

Something new or a rerun?

InvestBank states that the data was probably obtained in a breach back in December 2015, so it may not be a more recent hack. In fact, the bank insists that there was no breach in recent times, and security was increased following the 2015 breach to avoid a repeat attack.

Meanwhile, the Qatar National Bank is still recovering from its earlier attack from the same group, but insists that its systems are secure and the incident will not impact its customers financially. The bank claims that some of the information was pulled from unaffiliated sources, such as social media, and that the incident is more an attempted attack on its reputation than its customers.

Photo by foilman


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU