In yet another shocking news, three Pakistani banks became victims of cyber-attack on November 13th, post BankIslami’s massive security breach last month.
According to the News.com.pk, data of over 150,000 plastic cards were put on sale on the dark web last week.
A Moscow-based anti-fraud firm the Group-IB detected an abnormal spike in Pakistani banks’ data offered for sale on the dark web card shop called ‘Jokerstash’ after a new set of dumps was uploaded.
However, the latest dump did not include cards from BankIslami.
A blog post by Group-IB stated:
“The banks affected by this breach included major Pakistani financial organizations such as, Habib Bank, MCB Bank Limited, Allied Bank Limited and many others”
However, Habib Bank was labeled as the most affected of all.
“Habib Bank was affected most by the breach: roughly 20% of cards (30,034) in the uploaded database was issued by this bank.”
Group-IB said that the market value if the database collectively is about $19.9 million.
“The sale price for these card dumps ranges from $17 to $160,”
Head of Group-IB Cybercrime research unit, Dmitry Shestakov said card dumps are usually obtained by using skimming devices and through Trojans infecting workstations connected to point of sale terminals.
“What is interesting about this particular leak is that the database that went on sale hadn’t been announced prior either in the news, on card shop or even on forums on the dark net”
Last month, BankIslami underwent a major cyberattack as overseas hackers stole a whopping $6 million from debit cards issued by the bank.
The “abnormal transactions” were done by Pakistani debit cards outside the country’s borders.
State Bank of Pakistan (SBP) immediately took action by temporarily restricting the use of debit cards for those who are overseas.
Following the massive data-breach, as many as six leading Pakistani banks had temporarily disabled debit cards for international ATM cash withdrawal due to security concerns.
In a text message sent to all users, the banks informed:
“As a security precaution, your debit card has been temporarily disabled only for international ATM cash withdrawal.”
Banks that had halted facility of debit cards in overseas markets include:
- Bank AL Habib
- Soneri Bank
- JS Bank
- Faysal Bank
According to the Express Tribune, the security breach has also hit about nine banks compared to initial reports of only BankIslami being affected by the cyber attack.
The News International revealed that according to the Moscow-based anti-fraud firm, nine Pakistani banks, including Bank Islami, Habib Bank, JS Bank, Faysal Bank, Soneri Bank, Bank of Punjab, Bank Alfalah, Silkbank, and MCB Bank had witnessed abnormal transactions.
Stay tuned to Brandsynario for more updates.