Two Nepali Banks hacked by Turkish Hackers

Five South Asian Banks Hacked by a Turkish Group

A Turkish hacking group “Bozkurtlar”-or “Grey Wolves” has just posted the purported data belonging to five South Asian Banks online on May 10. Records show that this group had recently also linked the data tied to Qatar National Bank and UAE’s Invest Bank.

The victim banks include the Dutch Bangla Bank, The City Bank &The Trust Bank from Dhaka, Bangladesh and the two Nepalese banks, Business Universal Development Bank and Sanima Bank, both based in Kathmandu.

The hacking group is supposed to have posted the links to the file archives containing data from a Twitter account and seem to be making good on this job, which indicates that more such disclosures may be expected in the region, shortly.

The file archives posted were 251 MB for Business Universal Development Bank, 47 MB for Sanima Bank, 11.2 MB for The City Bank, and 312 and 95 Kilobytes for Dutch Bangla Bank and Trust Bank, respectively, which includes the personal information of the customers and the records of customer banking transactions. However, the targeted banks have not replied to a request for comment from Information Security Media Group.

Several security experts who have been following Bozkurtlar say that while the data in the newest leak appears genuine, the volume of data from these five banks is relatively small compared to the massive QNB and InvestBank dumps.

A primary researcher in this case, who requested anonymity, says that the data posted for each of the banks appear to be old – the latest being from The City Bank dates to August 2015. He says that this raises a question about whether the leaks are the result of recent breaches, as claimed by Bozkurtlar, or if the group merely has aggregated data from earlier incidents and posted it.

In a statement shared with ISMG, Invest Bank says the data tied to the bank is from a breach in December 2015. “No new hack has happened, as claimed by these attackers,” Invest Bank says.