A turkish hacking
group “Bozkurtlar”-or “Grey Wolves” has just posted the purported data
belonging to five South Asian Banks online on May 10. Records show that this
group had recently also linked the data tied to Qatar National Bank and UAE’s
Invest Bank.
The victim banks
include the Dutch Bangla Benk, The City Bank & The Trust Bank from Dhaka,
Bangladesh and the two Nepalese banks, Business Universal Development Bank and
Sanima Bank, both based in Kathmandu.
The hacking group is
supposed to have posted the links to the file archives containing data from a Twitter
account and seem to be making good on this job, which indicates that more such
disclosures may be expected in the region, in the near future.
The file archives
posted were 251 MB for Business Universal Development Bank, 47 MB for Sanima
Bank, 11.2 MB for The City Bank, and 312 and 95 Kilobytes for Dutch Bangla Bank
and Trust Bank, respectively, which includes the personal information of the
customers and the records of customer banking transactions. However, the
targeted banks have not replied to a request for comment from Information
Security Media Group.
Several security
experts who have been following Bozkurtlar say that while the data in the
newest leak appears genuine, the volume of data from these five banks is
relatively small compared to the massive QNB and InvestBank dumps.
A primary researcher
in this case, who requested anonymity, says that the data posted for each of
the banks appears to be old - the latest being from The City Bank dates to
August 2015. He says that this raises a question about whether the leaks are
the result of recent breaches, as claimed by Bozkurtlar, or if the group has
simply aggregated data from older incidents and posted it.
In a statement shared
with ISMG, InvestBank says the data tied to the bank is from a breach in
December 2015. "No new hack has happened, as claimed by these
attackers," InvestBank says.
