Get all your news in one place.
100’s of premium titles.
One app.
Start reading
The Hindu
The Hindu
National
Staff Reporter, Deshpande Abhinay 11076

58 lakh too less to even identify hacker of co-op bank fraud

After spending ₹58 lakh and deploying more than 100 police officers for weeks to nab the ‘hacker’ who siphoned off over ₹9.4 crore of the AP Mahesh Co-Operative Urban Bank Limited, continues to be mysterious person.

This financial spending by police came to light when Hyderabad Commissioner of Police C.V. Anand on Wednesday declared the arrest of the Nigerian national who is accused of assisting the mysterious fraudster. The unanimous hacker is suspected to be located either in the United Kingdom or in Nigeria and has transferred the money to Nigeria, mostly likely through Hawala or cryptocurrencies, Mr. Anand said.

Despite sustained interrogation of arrested Nigerian Ikpa Stephen Orji, police claimed that they are in a helpless situation since the accused did not spill the beans. Invariably, the investigators were dependent only on the seized devices of the accused person to gather information about their activities.

“They are enlightened by the law of the land. While being questioned, they say they don’t know anything, as a result, we have to get information only through their mobile phones,” he said.

After altering the balance in four accounts transferring it into 115 different accounts across India by changing the mobile numbers of the account holders to avoid getting SMS of the transactions, the kingpin further transferred the amount to 398 bank accounts in Delhi, Haryana, Uttar Pradesh, West Bengal, Maharashtra, Karnataka, Kerala and seven Northeastern States.

“The money was later withdrawn from 938 ATMs across the country. Other 23 handlers of the key accused, who were arrested in the case, were paid commissions for helping him in the operation, which was being planned since November last, and executed in January,” the Commissioner said.

While the fraudster attempted to swindle ₹12.48 crore, the cybercrime police responded immediately to the complaint from the bank and succeeded in freezing ₹2.08 crore - before they were withdrawn from ATMs – and another ₹1.08 crore was refunded/returned to the bank account detail of the beneficiary was incorrect.

According to Mr. Anand, the IP logs for the Internet Banking of the bank accounts were obtained and it was found that the IP addresses are proxies with locations indicating the USA, Canada, Romania. The hackers used VPN services of a Bihar based company and from them, the Proxy IPs were allocated to the persons from the UK.

The cyber forensics concluded that the hackers entered the bank’s system through phishing emails containing a remote access trojan (RAT) sent to the employees on the 4, 10 and 16 of November 2021. “They have sent over 200 phishing emails and two of the employees opened the emails and the RAT got embedded in the computer of the bank. Through it, the hacker got access to the admin systems, since all the computers are interconnected and the hackers were remotely able to access the Core banking server,” the officer explained.

On D-Day, the cyber fraudsters entered the core banking server and altered the balance in the four accounts already opened under their supervision, from there the amount was transferred to various accounts to be withdrawn.

The Commissioner said that they would approach Interpol to know the actual IP addresses of the proxy and in case they respond, a red corner notice would be issued and it’s a very lengthy process.

“To a great extent the chain is disturbed, but the hacker is out and he can form a new team and continue his operations,” he said.

The bank and Infrasoft Technologies, who developed the software, would also be made accused in the case as the whole fraud took place due to their negligence.

Further, Mr. Anand concluded by stating through the Reserve Bank of India had issued guidelines, there is no enforcement, and soon they will be called for a meeting.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.