Data from “almost every Pakistani Bank” stolen & sold on the dark web

Pakistani banks have debuted on the Dark Web with almost all of the country’s banks becoming victims of a devastating data hack. It is undoubtedly the biggest ever hacking campaign launched against banks in Pakistan.

It is estimated that hackers have stolen financial data of more than 8,000 account holders from at least 10 different banks in Pakistan. The data is currently up for sale on the Dark Web.

According to the initial investigation conducted by the Federal Investigation Agency’s cyber crime wing, it is identified that “almost all” banks in Pakistan have experienced a security breach. The head of the FIA (Rtd) Capt Mohammad Shoaib stated on Tuesday that the agency has written to all the involved banks and a meeting with the heads and security management officials of the banks has been called.

See: Dark web marketplace found selling access to the airport’s security system

Capt Shoaib stated that “banks are the custodians of the money people have stored in them,” and also added that the banks will be held responsible if weak security practices are identified as the key reason behind the data hack.

Capt Shoaib also claimed that the hackers are not based in Pakistan and they have managed to steal “large amounts of money from people’s accounts,” while it is quite evident that the banks need to improve their security systems in order to prevent similar attacks.

In the upcoming meet-up, the FIA plans to look into ways through which the security infrastructure of the banks could be improved. It isn’t yet clear exactly when the security breach occurred; however, Capt. Shoaib claims that there are over 100 cases that the agency is currently investigating in relation to this breach.

While speaking with DawnNews, the FIA head explained that one of the concerning aspect associated with banking frauds is that the affected banks try to hide the security breach and customers contact the bank about the theft, not the FIA. This results in heavy monetary losses.

“We are trying to play a proactive role in preventing bank pilferage,” added Capt. Shoaib.

Reportedly, the first cyber-attack was launched on October 27 against BankIslami in which 2.6million were stolen from international payment cards. The bank immediately stopped all the transactions and only biometrically verified payments were allowed on ATM cards in Pakistan.

The very next day directives were issued by the State Bank of Pakistan to all the banks so as to ensure that all information systems are fully secure especially those related to card operations. Real-time monitoring of card operations was also part of the precautionary measures.

See: New AI system DARKMENTION will detect upcoming cyberattacks from dark web

In an exclusive conversation with Rafay Baloch, a Pakistani cybersecurity researcher, and famed white hat hacker with inside knowledge of the situation after the attack, was told that “The debit data was obtained through various sources such as skimming, phishing attacks then sold on the dark web forcing banks to disable international withdrawal for ATM cards as a countermeasure.”

“The countermeasure was implemented by inflicting a denial of service which shows that the system is not resilient,” said Baloch. “State bank should create a banking cert, it should act as a collaborator and establish a threat intelligence collaboration model to proactively combat such threats,” Baloch advised.

The disclosure, however, comes after it is reported that nearly 10 banks blocked all of its international transactions on debit and credit cards because of the security breach. Online mobile banking services were temporarily terminated from November 3 onwards by all the large banks in Pakistan. The State Bank of Pakistan was contacted by various commercial banks regarding the blocking on international payments as a precautionary measure.

Related Posts