Monday, December 10, 2018

Cyber attackers steal 150,632 plastic cards’ data of three banks

KARACHI: At least three Pakistani banks were pounced with yet another cyber attack after a gap of almost three weeks as data of over 150,000 plastic cards were put on sale on the dark net on November 13, The News learnt on Friday.

A Moscow-based anti-fraud firm the Group IB detected an abnormal spike in Pakistani banks’ data offered for sale on one of the card shops as a new set of dumps – technical epithet for card data – was uploaded to Jokerstash card shop, a secretive hub of stolen card data.

“There were 150,632 dumps of Pakistani banks,” the information security firm said in a statement. “The banks affected by this breach included major Pakistani financial organizations such as Habib Bank, MCB Bank Limited, Allied Bank Limited and many others.”

A central bank’s spokesman declined to comment on the latest whistle blow.

Group-IB said Habib Bank “was affected most by the breach. Roughly 20 percent of cards in the uploaded database was issued by this bank”.

The cyber theft didn’t just affect the Pakistani banks alone as some other international banks’ data were also compromised by the hacking attempts.

The Group-IB said more than 16,000 cards of other regional banks and over 11,000 card data of banks with unrecognised geography were also dumped on the hub. It didn’t mention the currency unit of the amount to clarify how much the latest breach would cost, but it said the “total amount of dumps that went on sale on Nov. 13 was amounted to 177,878”.

The Group-IB official said it is very rare that Pakistani banks’ cards come on sale on the dark net card shops. “In the past six months it was the only big sale of Pakistani banks’ data.”

Last month, the Group IB also pointed at nine banks including BankIslami, Habib Bank, JS Bank, Faysal Bank, Soneri Bank, Bank of Punjab, Bank Alfalah, Silkbank, and MCB Bank whose data was compromised. But, the Pakistani banks said their data was safe and not vulnerable to cybercrime.

BankIslami accepted Rs2.6 million of its consumers were siphoned off and later they credited the amount into the bank accounts.

The Group IB said there were no card dumps of BankIslami up for sale this time around.

The information security firm said the file was initially put on sale under the name “PAKISTAN-WORLD-EU-MIX-03 (fresh skimmeD EU base): PAKISTAN/WORLD/EU TR1+TR2, uploaded (on November 13)”. The file was with non-refundable base.

“Slightly later the name of the database with dumps was changed to «PAKISTAN-WORLD-EU-MIX-03 (fresh skimmeD EU base): PAKISTAN/WORLD/EU TR1+TR2,” uploaded on the same date. The time for refunds was three hours.

“Presumably, originally the seller didn’t want to allow refunding purchased cards, but he later decided to give its potential buyers sometime to test the reliability and value of data on sale,” the Group-IB said.

Dmitry Shestakov, head of Group-IB Cybercrime research unit said card dumps are usually obtained by using skimming devices and through Trojans infecting workstations connected to point of sale terminals.

“What is interesting about this particular leak is that the database that went on sale hadn’t been announced prior either in the news, on card shop or even on forums on the dark net,” Shestakov said.

“The market value of this database is estimated at $19.9 million. The sale price for these card dumps ranges from $17 to $160.” The information security firm said the previous breach might have caused the compromise of BankIslami account holders that took place on October 27. “The set of dumps was valued at $1.1 million with sale price ranging from $35 to $150.”

The Group-IB said on an average 1.8 million dumps were uploaded to card shops monthly from June 2017 to August 2018. “Card dumps account for 62 percent of total sets of card data sold, which means that POS Trojans represent the major method of compromising credit cards and might have caused this particular leak,” it said in another report.

The central bank has directed banks to upgrade their systems to meet any cyber attack challenge in future. Banks are required to inform SBP and peer banks of any imminent threat that comes to their knowledge and SBP will take all possible actions to safeguard the banking system.

Banks took various measures to improve shield of their IT systems against any cyber attack following the central bank’s instructions. Last month, they also temporarily stopped debit cards of their customers for international cash withdrawal.







SHARE THIS

Author:

Thanks for visiting our website. Like our FB pages and subscribe for daily updates; you can comment on the above post bellow ↓with your Google id or Facebook id – Thank you for your time..☺

0 comments:

 
‎لطیفے اور شاعری‎
Facebook group · 8,142 members
Join Group
یہ گروپ آپ سب کے لئے ہے۔ پوسٹ کیجئے اور بحث کیجئے۔۔۔۔۔ اپنی آواز دوسروں تک پہنچائے۔۔۔اور ہاں گروپ کو بڑا کرنے کے لئے اپنے دوستوں کو بھی گروپ میں دعو...
 

All Categories

Aaj Kamran Khan ke Saath Aamir Liaquat Hussain Aapas ki Bat NajamSethi Abdul Qadir Hassan AchiBaatain Afghanistan Aga Khan University Hospital AirLineJobs Allama Iqbal America Amjad Islam Amjad Anjum Niaz Ansar Abbasi APP Aqwal Zareen Articles Ayat-e-Qurani Ayaz Amir Balochistan Balochistan Jobs Bank of Khyber Banking Best Quotes Biwi Jokes Blogger Tips Chaltay Chaltay by Shaheen Sehbai China Chitral Coca-Cola Coke Studio Columns CookingVideos Corporate News Corruption Crimes Dr Danish ARY Sawal Yeh Hai Dubai E-Books EBM Education Educational Jobs Emirates English #Quotes English Columns EnglishJokes Funny Photos Funny Talk Shows Funny Videos Gilgit-Baltistan Girls Videos Govt Jobs HabibJalibPoetry Hamid Mir Haroon Al-Rashid Hasb-e-Haal with Sohail Ahmed Hassan Nisar Hassan Nisar Meray Mutabaq Hazrat Ali AS Sayings HBL Health HikayatShaikhSaadi Hospital_Jobs Hotel Jobs Huawei Hum Sab Umeed Say Hain India Information Technology Insurance International News Islam Islamabad Islamic Videos JammuKashmir Javed Chaudhry Jazz Jirga with Salim Safi Jobs Jobs Available Jobs in Karachi Jobs in KPK Jobs in Pak Army Jobs_Sindh JobsInIslamabad Jokes Jubilee Insurance Kal Tak with Javed Chaudhry Karachi Kashmir KhabarNaak On Geo News Khanum Memorial Cancer Hospital Khara Sach With Mubashir Lucman Khyber Pakhtunkhwa Lahore Latest MobilePhones Lenovo LG Life Changing Stories LifeStyle Live With Dr. Shahid Masood Live with Talat Hussain Maulana Tariq Jameel MCB Bank Microsoft Mobilink Mujeed ur Rahman Shami Munir Ahmed Baloch Nasir Kazmi Nazir Naji News News Videos NGO Nokia North Korea Nusrat Javed Off The Record (Kashif Abbasi) Off The Record With Kashif Abbasi On The Front Kamran Shahid OPPO Orya Maqbool Jan Pakistan Pakistan Army Pakistan Super League Pashto Song Photos Poetry Political Videos Press Release Prime Time with Rana Mubashir PTCL Punjab Quetta Quotes Rauf Klasra Samsung Sar-e-Aam By Iqrar-ul-Hasan Sardar Jokes Saudi Arabia ShiroShairi Show Biz Sikander Hameed Lodhi Sindh Social Media Sohail Warriach Songs Sports News Stories Syria Takrar Express News Talat Hussain Talk Shows Technology Telecommunication Telenor To the point with Shahzeb Khanzada Tonight with Moeed Pirzada Turkey Tweets of the day Ufone University Jobs Urdu Ghazals Urdu News Urdu Poetry UrduLateefay Video Songs Videos ViVO Wardat SamaaTV WaridTel Wasi Shah Zong اردو خبریں
______________ ☺ _____________ _______________ ♥ ____________________
loading...