Recent reports indicate that the National Bank of Pakistan (NBP) suffered two major cyberattacks that impacted its backend systems and servers responsible for communication between the various branches, in addition to affecting the systems that control its network of ATMs and online banking apps.
In a statement, the bank said that all necessary security measures were implemented immediately after detecting the incident, in addition to the lack of missing funds or theft of confidential information have been identified so far.
There’s like a huge rush at the NBP atm at work since yesterday, looks like they haven’t restored services and people need cash.
Over the weekend, the bank’s security teams engaged in recovery work, allowing the normal opening of more than 1,000 branches and restoring its entire ATM network. While the bank says the situation is under control, some customers began withdrawing all their funds and emptying their accounts thinking that a new attack could make them lose their money.
Faced with the panic caused by this incident and some false reports, NBP had to issue a new statement to confirm that the attack was under control, it only affected NBP systems, and its customers’ money was completely safe: “We continue to monitor the situation and will share any updates about it through our official platforms,” the statement added.
The malware was pushed via privileged account in active directory which corrupted the boot sequence of the computers and hence prevented them from booting. (Screenshot Attached) 5/6
Although in an unconfirmed version this incident is attributed to a ransomware attack, the authorities are not aware of the detection of this malware variant on the bank’s systems, so it is not considered a real possibility. On the other hand, a researcher shared what appears to be a screenshot of an affected computer, which shows an error in the boot configuration file.
Various members of the cybersecurity community have shared multiple hypotheses about the cause of these attacks and their possible perpetrators; however, until the investigation is over, there will be no official version of what really happened.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.


You May Also Like

Passwordstate warns of ongoing phishing attacks following data breach

Click Studios, the Australian software firm which confirmed a supply chain attack…

Rockstar games hacked. Grand Theft Auto VI Videos and GTA V Source Code leaked

The same 18-year-old hacker who just hacked UBER for fun has now…

12 new state privacy and security laws explained: Is your business ready?

While at the federal level security and privacy legislation are lost in…