AP Mahesh Bank hacking case: 4 Nigerians among 23 held so far

Hyderabad (Telangana): More than 23 accused including four Nigerians, were arrested in connection with the fraud of Rs 12.48 crore from the Andhra Pradesh Mahesh Co-Operative Urban Bank. The police said on Wednesday that hackers entered the bank's system through phishing emails. Once these emails are opened and clicked upon, the Remote Access Trojan (RAT) gets embedded in the computer of the bank.

Through the RAT software, the hackers got access to the computers of the bank. Since all the systems in the bank are interconnected, the hackers were remotely able to access the core banking server of the bank and during January this year they altered the balance in the four accounts, police said.

Earlier a case was registered on January 24 regarding the fraud done by some unidentified hackers by altering the balance in four accounts and transferring it into 115 different accounts across India. "Cyber forensics stated that the hackers entered the system of the AP Mahesh Co-Operative Urban Bank by sending over 200 phishing emails containing a remote access trojan (RAT) sent to the employees of the bank in November 2021," Hyderabad Police Commissioner CV Anand said.

The amount was transferred into 115 different bank accounts of different banks through internet banking from the four accounts by RTGS/NEFT into 398 different bank accounts. Most of the beneficiary accounts were in Delhi, Haryana, Uttar Pradesh, West Bengal, Maharashtra, Karnataka, Kerala, and seven North-Eastern States, and the money was later withdrawn from 938 ATMs all over India, the police said.

Also Read: Faulty software forced govt to make book adjustments of Rs 48,000 crore: Andhra FM

Hyderabad (Telangana): More than 23 accused including four Nigerians, were arrested in connection with the fraud of Rs 12.48 crore from the Andhra Pradesh Mahesh Co-Operative Urban Bank. The police said on Wednesday that hackers entered the bank's system through phishing emails. Once these emails are opened and clicked upon, the Remote Access Trojan (RAT) gets embedded in the computer of the bank.

Through the RAT software, the hackers got access to the computers of the bank. Since all the systems in the bank are interconnected, the hackers were remotely able to access the core banking server of the bank and during January this year they altered the balance in the four accounts, police said.

Earlier a case was registered on January 24 regarding the fraud done by some unidentified hackers by altering the balance in four accounts and transferring it into 115 different accounts across India. "Cyber forensics stated that the hackers entered the system of the AP Mahesh Co-Operative Urban Bank by sending over 200 phishing emails containing a remote access trojan (RAT) sent to the employees of the bank in November 2021," Hyderabad Police Commissioner CV Anand said.

The amount was transferred into 115 different bank accounts of different banks through internet banking from the four accounts by RTGS/NEFT into 398 different bank accounts. Most of the beneficiary accounts were in Delhi, Haryana, Uttar Pradesh, West Bengal, Maharashtra, Karnataka, Kerala, and seven North-Eastern States, and the money was later withdrawn from 938 ATMs all over India, the police said.

Also Read: Faulty software forced govt to make book adjustments of Rs 48,000 crore: Andhra FM

Though, Cyber Crime Police succeeded in freezing an amount of Rs 2,08,55,536 before they were withdrawn from ATMs besides an amount of Rs 1,08,48,990 was refunded/returned to the AP Mahesh Co-Operative Urban Bank because of the incorrect beneficiary details, they said.

The special teams were formed and sent to different parts of the country to nab the suspects, the Hyderabad police chief said. IP logs for the Internet Banking of the four bank accounts were obtained and it was found that the IP addresses were proxies with locations indicating USA/Canada/Romania, the top official said adding the hackers used VPN services of a Bihar-based company and from them, the Proxy IPs were allocated to the persons from the UK.

A total of 23 people, including four Nigerians (one of them was arrested today), who were involved and part of the conspiracy have been arrested, Anand said. Explaining the modus operandi, the Police Commissioner said the whole operation runs in various modules independent of each other, the hackers, the handlers of accounts opened for the hacking, and the handlers of the beneficiary accounts.

The Police Commissioner said, "three modules coordinate with each other and enable the hacking and transfer of money. Investigation so far revealed the hackers, and the main kingpins are located outside India, most likely in the UK and Nigeria, and the amount withdrawn was transferred to Nigeria, most likely through hawala or crypto-currencies," police said. Police further said an amount to the tune of Rs 58 lakh was so far spent towards an investigation into the case.

(With agency inputs)