Intrusion detected before hacker manages to steal any funds

Oct 19, 2016 15:05 GMT  ·  By

Axis Bank, India's third-largest private bank, announced today that it was the victim of a cyber-attack, but has managed to stop the intrusion before the hacker stole any funds from customer accounts.

Bank officials have already reported the incident to the Reserve Bank of India, the country's banking regulator.

Kaspersky researcher discovered the intrusion by accident

Axis officials told the Economic Times that a security researcher for Russian-based security firm Kaspersky Lab had notified the bank about an intrusion last month.

The researcher said the company was investigating another incident when they found evidence of the hacker compromising some of the bank's systems.

Axis investigated the claim and confirmed the intrusion, which was in the form of an unauthorized login from an IP address outside India.

No funds stolen during the hack

Despite the detected intrusion, the company did not find evidence that the hacker compromised other internal bank systems, or of attempts to make illegal transfers.

It is very likely that the bank caught the hacker while he was scanning the bank's internal network for other systems he could hack, in a hacking stage known as "reconnaissance," or "lateral movement."

Axis Bank officials said they hired local security firm EY to help them with the rest of the investigation.

Fourth banking-related incident in the past few months

On the same day, India's largest bank, the State Bank of India (SBI), announced it had blocked over 600,000 debit cards used at non-SBI ATMs, which the bank suspects were infected with ATM malware. This incident seems to be related to malware found on the ATM network of YES Bank, discovered last month.

In July, Union Bank of India said that one of their offshore accounts got hacked and the attacker managed to steal a large sum of money. A few days after the incident, the bank's chairman said the bank managed to recover 70 percent of the funds, but declined to say how much the hacker had stolen.