SECOND EDITION
SATURDAY, MAY 14, 2016
|
Jyoishtha 1, 1423, Shaban 6, 1437
|
Regd No DA 6238, Vol 4, No 22
|
www.dhakatribune.com | 32 pages | Price: Tk10
Consumer data of 3 BD banks hacked Turkish hackers breach the banks’ servers before posting the obtained data online n Tribune Desk A Turkish hacker group dumped a considerable amount of secured consumer data of three Bangladeshi commercial banks online on Tuesday, claiming they were able to obtain the information by breaching the banks’ internal servers. The three banks are Dutch-Bangla Bank Ltd (DBBL), City Bank Ltd, and Trust Bank Ltd, reports cybersecurity-focused news website Data Breach Today. Links to the file archives containing data from the above-mentioned banks have been posted from a Twitter account, supposedly operated by Turkish hacking group Bozkurtlar (Grey Wolves). The notorious hacker group rose to fame after leaking data tied to Qatar National Bank and UAE’s InvestBank recently. Along with the Bangladeshi banks, it also leaked secured consumer data of two Nepalese banks – Business Universal Development Bank and Sanima Bank. Cybersecurity analysts contacted
by Data Breach Today said while the data in the newest leak appears genuine, the volume of data from these banks is relatively small. The file archives posted 312KB for the DBBL, 11.2MB for City Bank, and 95KB for the Trust Bank, respectively. When contacted, DBBL’s Deputy Managing Director Abul Kashem Md Shirin told the Dhaka Tribune that the bank usually makes a certain amount of data public on its website and the hackers leaked in-
formation that is already public. He said the bank provided vendors some information for maintenance of ATMs and that information has been made public by the hackers. “No confidential data of our bank has been leaked,” he told our reporter Jebun Nesa Alo. Ishtiaque Ahmed Chowdhury, managing director and CEO of Trust Bank, said: “We can confirm that the leaked data does not
match that of our clients. Our bank is completely protected and the system was not hacked.” City Bank’s Additional Managing Director Mashrur Arefin said the leaked information was marketing data. “We did not find any data from our server there and there was no trace of our system being hacked,” he added. According to the Data Breach Today’s preliminary analysis, the
scope of the data varies widely. Quoting some researchers, the website says the leaked data shows that each of the zip files contains at least some customer information or account credentials. Although another independent researcher, who requested anonymity, told the news website that the data posted for each of the banks appears to be old – the latest being from the City Bank dates to August 2015. This, he said, raises a question about whether the leaks are the result of recent breaches, as claimed by Bozkurtlar, or if the group has simple aggregated data from older incidents and posted it. Quoting a security engineer, who was able to conduct some initial forensic tests on the breach, the news website reported that the data points to a “webshell” upload being used at the DBBL and Sanima Bank of Nepal. A webshell is a piece of code uploaded to a server or computer, allowing attackers to gain access, PAGE 2 COLUMN 5
SWIFT warns of more malware Ansar man killed in attacks as 2nd bank breached Rohingya camp attack n Tribune Desk
INSIDE
The theft of $81m from Bangladesh Bank was “part of a wider and highly adaptive campaign targeting banks,” SWIFT, the global financial messaging network, warns its 11,000 customers, as at least one other bank was also breached by the same attackers, reports Reuters. The second case targeted a commercial bank, SWIFT spokeswoman Natasha de Teran said on Thursday, without naming it. Cybersecurity-focused news website Data Breach Today claims it was a Vietnamese bank. It was not immediately clear how much money, if any, was sto-
The four steps hackers follow while breaching v
Attackers compromise the bank’s environment.
v
Attackers obtain valid operator credentials that have the authority to create, approve and submit SWIFT messages from customers’ back-offices or from their local interfaces to the SWIFT network.
v
Attackers submit fraudulent messages by impersonating the operators from whom they stole the credentials.
v
Attackers hide evidence by removing some of the traces of the fraudulent messages. [SWIFT says the main purpose of the Trojanised PDF reader was to effect step number four.]
len in the second attack. The May 13 customer alert from Brussels-based SWIFT, a cooperative founded in 1973 and owned by 3,000 financial institutions, is based on an ongoing teardown of the malware that infected Bangladesh Bank, which is being conduct-
ed by British defence and security firm BAE Systems. In both bank attacks, “the attackers have exploited vulnerabilities in banks funds’ transfer initiation environments, prior to messages being sent over SWIFT,” the PAGE 2 COLUMN 1
5 journos attacked by yaba traders gir Hossain were able to recognise n Abdul Aziz, Cox’s Bazar some of the members of the gang. An Ansar member was killed after he was attacked by robbers at a refugee camp in Cox’s Bazar’s Teknaf upazila early yesterday. Five journalists, who had gone to cover the incident, came under attack of a yaba trader and were injured. Ansar member Ali Hossain, 50, son of late Shukkur Ali of Tangail’s Shafipur area, was attacked as he attempted to resist armed robbers at Nayapara refugee camp at dawn. Locals said the robbers emerged from a hill near the camp, and Ali and another Ansar member Alam-
Death by lightning on the rise
Bangla Tribune steps into 3rd year
Bus rides a constant curse for women
The number of deaths due to lightning has been on the rise around Bangladesh lately, with at least 40 people killed by lightning in the past few days alone. PAGE 3
The second anniversary of Bangla Tribune was celebrated yesterday with eminent personalities including politicians, journalists, artistes and top law enforcers joining the festivities.
Travelling by public transport in Dhaka is a very uncomfortable experience for women, who say such forms of transport instead of CNG-run autorickshaws is safer but the journey involves many forms of harassment. PAGE 32
PAGE 7
Ali sustained severe injuries in the attack and was taken to a local clinic where doctors pronounced him dead. Abul Kashem, in-charge of Nayapara camp police, said the robbers also took away 11 firearms. Officer-in-Charge of Teknaf Model police station Abdul Majid visited the scene, and said additional police and Border Guard Bangladesh members had been deployed.
Five journos injured by yaba trader
Meanwhile, five journalists were PAGE 2 COLUMN 5