AP Mahesh Bank hacking case; 4 Nigerians among 23 held so far

As many as 23 people, including four Nigerians, were arrested so far in connection with the swindling of Rs 12.48 crore from the AP Mahesh Co-Operative Urban Bank hereafter hackers entered the bank's system through phishing emails, police said on Wednesday. On January 24 this year, a case was registered regarding the fraud done by some unknown hackers by altering the balance in four accounts and transferring it into 115 different accounts across India.

Cyber forensics concluded that the hackers entered the system of the AP Mahesh Co-Operative Urban Bank (by sending over 200) phishing emails containing a remote access trojan (RAT) sent to the employees of the bank in November 2021, Hyderabad Police Commissioner CV Anand said. Once the mails are opened and clicked upon, the RAT gets embedded in the computer of the bank. Through the RAT software, the hackers got access to the computers of the bank. Since all the systems in the bank are interconnected, the hackers were remotely able to access the core banking server of the bank and during January this year they altered the balance in the four accounts, police said. Through Internet Banking from the four accounts, RTGS/NEFT transactions were made, and the amount was transferred into 115 different bank accounts of different banks and from there into 398 different bank accounts. Most of the beneficiary accounts were in Delhi, Haryana, Uttar Pradesh, West Bengal, Maharashtra, Karnataka, Kerala, and seven North-Eastern States, and the money was later withdrawn from 938 ATMs all over India, the police said.

Though, Cyber Crime Police succeeded in freezing an amount of Rs 2,08,55,536 before they were withdrawn from ATMs besides an amount of Rs 1,08,48,990 was refunded/returned to the AP Mahesh Co-Operative Urban Bank because of the incorrect beneficiary details, they said.

As part of the probe, special teams were formed and sent to different parts of the country to nab the suspects, the Hyderabad police chief said.

IP logs for the Internet Banking of the four bank accounts were obtained and it was found that the IP addresses were proxies with locations indicating USA/Canada/Romania, the top official said adding the hackers used VPN services of a Bihar-based company and from them, the Proxy IPs were allocated to the persons from the UK. During the investigations so far, a total of 23 people, including four Nigerians (one of them was arrested today), who were involved and part of the conspiracy have been arrested, Anand said.

Explaining the modus operandi, the Police Commissioner said the whole operation runs in various modules independent of each other, the hackers, the handlers of accounts opened for the hacking, and the handlers of the beneficiary accounts. The three modules coordinate with each other and enable the hacking and transfer of money, he said. Investigation so far revealed the hackers, and the main kingpins are located outside India, most likely in the UK and Nigeria, and the amount withdrawn was transferred to Nigeria, most likely through hawala or cryptocurrencies, police said.

Police further said an amount to the tune of Rs 58 lakh was so far spent towards investigation into the case.

(This story has not been edited by Devdiscourse staff and is auto-generated from a syndicated feed.)