Cosmos Bank’s server hacked, Rs. 94 cr moved to Hong Kong


As per our report, there has been a cyber-attack on the Pune based, Cosmos Co-operative Bank Ltd, on Tuesday. A complaint was lodged a complaint against an unidentified person and a Hong Kong-based company after the server of its main branch was allegedly hacked twice and over Rs 94 crore was transferred to accounts in India and outside the country.


The report also says that the server of the bank has been compromised on August 11 and August 13 and the cyber criminals carried out 15,000 transactions. According to the complaint, Rs 80.5 crore were initially transferred to a foreign bank in 14,849 transactions of the debit card, and another Rs 13.92 crore transferred in a SWIFT transaction.


Hackers managed to transfer over Rs 94 crore through a malware attack on the server on Cosmos Bank and cloning thousands of the bank’s debit cards over a period of two days, the sources from a senior bank official revealed.


The stolen amount left a deposit trail in Hong Kong where an amount of Rs 78 crore was transferred, the report added. A transaction of Rs 2.5 crore was also done in India through National Payments Corporation of India (NPCI) and VISA, as was reported.


The fraudulent transactions were carried out on August 11 and August 13 through 25 ATMs located in Canada, Hong Kong and a few in India and the cards of the cooperative bank customers that were cloned were of Visa and Rupay and the bank is doing internal audits to investigate the breach.

However, the bank says that the core banking system (CBS) was not attacked and the malware attack was on the switch, which is operative for payment gateways of Visa and Rupay debit cards. 

“None of the customers’ accounts were touched and it is the bank which has incurred the loss of this money,” the official said. 


Cosmos Bank was established in 1906 and is one of the oldest urban co-operative banks in the country. It has five regional offices with 140 service outlets across seven states. Suhas Subhas Gokhale, Managing Director of Cosmos with his team efforts have managed to emerge larger than even some private banks.


Cosmos Bank also offers interest facility for accounts opened under RERA, It is mandatory for builders and developers to open a separate account in the scheduled bank for every project. It is expected that in this ‘escrow’ account, 70% of total project amount should be credited. 

The Cosmos Bank, was earlier compromised with the infamous RIG Exploit Kit. As per Quick Heal Threat Research Labs, they were able to reproduce the series of events that lead to this attack on 20th March 2017. Also, upon tracing back to the recorded logs, it was observed that the infection has been present on the website from 17th March 2017. The bank was notified about the infection on 20th March 2017.


The complaint said that the malware attack was launched on the ATM switch server where the amount was moved to foreign locations. The hackers were able to get the amount approved by the bank to bypass the stringent online security measures. The complaint also said the information of thousands of cardholders has been compromised from the bank.