Fraudsters stole millions of dollars from Indian bank Mahesh Bank


Unknown cybercriminals hacked into the computer networks of the Indian bank Andhra Pradesh Mahesh Co-Operative Urban Bank and stole funds worth several million dollars. According to the Hyderabad City Police, the bank did not have a valid license to use a firewall, proper phishing protection, intrusion detection systems and or any cyber attack prevention system.

The cyberattack began with sending more than 200 phishing emails to bank employees in November 2021. At least one of these emails was able to deceive a bank employee and led to the installation of a Trojan for remote access (RAT).

In addition, the bank also decided not to use virtual local area networks, so as soon as the RAT started working, the attackers gained access to the bank’s systems and were able to move around the network and even in the main banking application.

As the results of the investigation showed, Mahesh Bank allowed an increase in the number of superusers to ten, with some having the same passwords. The attackers hacked several accounts and gained access to databases containing information about customers, including account balances. Hackers also created new bank accounts and transferred customers’ money to them. The stolen funds worth more than $1 million were transferred to hundreds of other accounts at Mahesh Bank and other financial institutions. The cybercriminals then withdrew money from 938 ATMs across India and fled with cash.

The Hyderabad City Police managed to detect the attack and freeze about $2 million before the criminals managed to take them off. According to the police report, the bank “did not have a proper network infrastructure”, did not take precautions to isolate the head office applications from its branches, did not have many basic security tools and did not train its staff to protect against phishing attacks.

Start a discussion …