NPCI blames Cosmos Bank for malware attacks
Mumbai, Aug 15: The National Payments Corp of India (NPCI) on Wednesday held the Cosmos Cooperative Bank Ltd's "own IT environment" responsible for the unprecedented cyber loot which left the Pune-based bank poorer by Rs 94.42 crore.
In a statement here, the NPCI's Head Risk Management, Bharat Panchal, said: "The NPCI's systems are fully secure and this particular issue has occurred within the (Cosmos Bank's) own IT environment.
"This has happened due to malware-based attack on the bank's IT system which has caused a fraud. Under the attack, maximum transactions have been reported from outside India."
He reiterated that the systems of NCPI - the umbrella organisation for operating retail payments and settlement systems in India - "were absolutely secure and it was continuously monitoring the situation arising out of the Cosmos Bank episode".
The Indian banking industry went in shudders on Tuesday after the Cosmos Bank admitted that it had fallen victim to an international group of hackers who siphoned off a total of Rs 94.24 crore in two cyber attacks on August 11 and August 13.
In the first cyber hit, the bank lost Rs 80.50 crore through multiple ATM swipes in 28 countries.
In the second malware assault, the hackers gobbled up Rs 13.92 crore by initiating SWIFT transfers.
Cosmos Bank Chairman Milind A. Kale said that after the malware attack on the critical communication system between various payment gateways was hacked, the hackers' gangs were informed simultaneously in 28 countries and they immediately started the withdrawals, in many cases small amounts of around $100, to avoid rousing suspicions.
He said normally, the Core Banking System (CBS) receives debit card payment requests via its 'Switching System'. But during the malware attack, a proxy switch was created and all the fraudulent payment approvals were passed through the proxy switching system.
Kale said the bank's own servers and other systems were inspected annually by the Reserve Bank of India Audit and System Audit and the bank was ensuring all the measures for data security and this security system was fully operational.
Banking experts and industry players fear this could be a 'pilot run' unless the authorities take it seriously.
Meanwhile, pending investigations, the country's second oldest and second largest cooperative bank (in terms of deposits and advances) has now shut all its ATMs across the country for two days till Thursday to prevent any further incidents.
The consolation was the Kale's assurance that none of the bank's 20 lakh customer accounts across 140 branches in the country have been affected nor would they bear any loss.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
Traffic fraud: Fake 'no-entry' sticker racket busted in Delhi, mastermind among 3 held
New Delhi (PTI): Police here have busted a crime syndicate involved in traffic fraud and extortion, arresting three people including the alleged mastermind who sold fake stickers to help commercial vehicles bypass no-entry restrictions, an official said on Saturday.
The police said they dismantled a third organised syndicate linked to traffic-related frauds, with the arrest of Rinku Rana alias Bhushan, his associate Sonu Sharma and Mukesh Kumar alias Pakodi, who was also connected to another extortion syndicate.
According to the police, Rinku Rana was running a well-organised network that facilitated the movement of commercial goods vehicles during restricted hours by selling fake 'marka' or stickers for Rs 2,000 to Rs 5,000 per vehicle every month. The stickers were falsely projected as authorisation to evade traffic challans.
During raids, the police recovered Rs 31 lakh in cash, property documents worth several crores of rupees, over 500 fake stickers and six mobile phones allegedly used to operate the syndicate.
The crackdown followed a complaint filed by a traffic police officer in April this year after a commercial vehicle tried to evade checking by producing a fake sticker claiming exemption from enforcement action.
Investigation revealed that social media groups were being used to coordinate the illegal movement of vehicles and alert drivers about traffic police checkpoints, police said.
"A parallel system was being run to cheat drivers and vehicle owners while undermining traffic enforcement. On the basis of evidence, provisions related to organised crime under the BNS were invoked," a senior police officer said.
Sonu Sharma, the police said, managed social media groups through which stickers were sold and real-time alerts were circulated regarding traffic police movement. He also acted as a link between Rana and drivers operating in the field.
In a related development, Mukesh Kumar alias Pakodi, an associate of Rajkumar alias Raju Meena, who was earlier arrested under the Maharashtra Control of Organised Crime Act (MCOCA), was also apprehended.
Mukesh allegedly helped extort money from transporters and was involved in blackmailing traffic police personnel by recording enforcement actions, the police said.
Investigators alleged the syndicate led by Rajkumar deployed drivers to deliberately violate traffic rules and secretly record police officials during challans, later using manipulated videos to extort money under threat of false allegations.
The police said that in total, eight accused belonging to three different organised crime syndicates linked to traffic frauds and extortion have been arrested so far.
Further investigation is underway to trace the remaining members, conduct financial probes, and analyse digital evidence recovered during the raids, officials added.
