Lately, a group of Turkish hackers called “Bozkurtlar”, also known as “Grey Wolves”, has leaked customer credential data from 5 South Asian banks online. Two of the banks, Sanima Bank and Business Universal Development Bank, are based in Kathmandu, Nepal, while the other three, The Dutch Bangla Bank, The City Bank and Trust Bank, are based in Dhaka, Bangladesh.
Links to the file archives containing the data have been posted from a Twitter account supposedly operated by the Turkish hacking group “Bozkurtlar”. The archives contain 251 MB of data from Business Universal Development Bank, 47 MB from Sanima Bank, 11.2 MB from The City Bank, 312 kilobytes from Dutch Bangla Bank and 96 kilobytes from Trust Bank.
Sanima Bank – Kathmandu, Nepal: The Sanima Bank #hack leak is a 47 MB archive containing a spreadsheet of customer personal information such as name and account balance, with current withdrawal and deposit details for the account. The most recent data is from February 2015.
Business Universal Development Bank – Kathmandu, Nepal: The Business Universal Development Bank #hack leak is the largest archive released by the Bozkurtlar hackers. The 251 MB of files appear to contain email communication of senior management and managers in Microsoft Outlook format. The data also contains phone-banking customer details, including contact number, username, encrypted password and customer. According to analysis of the data, the most recent data is from January 2015.
The City Bank – Dhaka, Bangladesh: This 11.2 MB dump has a single spreadsheet, which appears to contain the personal information of at least 1 million bank customers, such as full name, father’s name, mother’s name, date of birth, age, mailing address, contact number, permanent address and email.
Dutch-Bangla Bank Limited – Dhaka, Bangladesh: This 312 KB archive appears to contain records of customer banking transactions, either physical or internet banking. Hackers were able to gain access from the public internet to the bank’s ATM transaction analyzer for research purposes using admin credentials found in clear text in the dump. As per the report, the website of Dutch Bangla Bank appears to contain vulnerabilities and could have been the point of penetration to the internal servers or files.
Trust Bank – Dhaka, Bangladesh: This is the smallest archive, at 96 KB. The file contains two spreadsheets that, among other things, contain user ID, email, username and encrypted passwords. The latest file is from June 2015.
“In this incident, hackers reportedly had access to the bank’s data systems for a fairly long period — by some accounts about 200 days — and the bank’s security system could not detect it until they published data online, and worse, the bank came to know of it when some of the data were published.” According to the incident analysis team that examined the leaked data, the hackers used “SQL injection” and shell upload methods to bypass the security of the bank, dump the database and leak the data.
The hacker group has reportedly threatened to leak data from yet another bank, and is slated to leak more data in the coming days.
To safeguard against such incidents, customers should be careful with their own privacy and keep their information safe. If any suspicious activity seems to be taking place in their user account, they should change the account password or contact the bank immediately. Likewise, banks should be vigilant about intrusion incidents and install proper safeguards as a deterrent against similar incidents, as the cat and mouse game is here to stay for a long time.