Cyber Attack hits MCB, Habib and Allied Bank - Over 150,000 plastic cards data Put on Sale on Dark Net – Research Snipers

Cyber Attack hits MCB, Habib and Allied Bank – Over 150,000 plastic cards data Put on Sale on Dark Net

dark web

Faceless hooded anonymous computer hacker with programming code from monitor, dark web concept

On November 13th three Pakistani banks were hit by another cyber-attack. These banks were Habib, MCB and Allied Bank Limited. Data of over 150,000 plastic cards were put on sale on the darknet. An abnormal spike in the data of Pakistani banks sold on a card shop was detected by Group IB which is a Moscow based anti-fraud company.  The Pakistani banks’ data was being sold on Jokerstash card shop.

Interesting: SBP denies data hack reports, says only one bank data hacked

The information security firm said, “There were 150,632 dumps of Pakistani banks. The banks affected by this breach included major Pakistani financial organizations such as Habib Bank, MCB Bank Limited, Allied Bank Limited, and many others.”

The spokesperson of State Bank of Pakistan has not commented on this. According to Group-IB the Bank most affected was Habib Bank. The spokesperson said that the Habib Bank  “was affected most by the breach. Roughly 20 percent of cards in the uploaded database was issued by this bank”.

Along with Pakistani banks, cyber theft also affected international banks’ data. According to Group-IB over 16000 cars of domestic banks and 11000 card data of banks from various areas were also dumped. Also, the “total amount of dumps that went on sale on Nov. 13 amounted to 177,878”.

Also as per the Group-IB official Pakistani bank cards found on sale on the darknet is very rare.

“In the past six months, it was the only big sale of Pakistani banks’ data.”

In October 9 banks were pointed out by Group-IB whose data was compromised. These banks included BankIslami, Habib Bank, JS Bank, Faysal Bank, Soneri Bank, Bank of Punjab, Bank Alfalah, Silkbank, and MCB Bank.

BankIslami accepted that its data was compromised and Rs2.6 million was lost.

The file that was put on the dark web was under the name PAKISTAN-WORLD-EU-MIX-03 (fresh skimmeD EU base): PAKISTAN/WORLD/EU TR1+TR2, uploaded (on November 13)”.

Sometime late the name was changed to «PAKISTAN-WORLD-EU-MIX-03 (fresh skimmeD EU base): PAKISTAN/WORLD/EU TR1+TR.”

Group-IB said, “Presumably, originally the seller didn’t want to allow refunding purchased cards, but he later decided to give its potential buyers some time to test the reliability and value of data on sale.”