Two Nigerian hackers, possibly along with Filipino accomplices, have managed to scam the state-owned United Coconut Planters Bank (UCPB) out of ₱167 million last June.
According to a report, the hackers found a vulnerability that was left open when the bank was in the middle of upgrading its information technology and security systems. They then developed malware to exploit this vulnerability, gain remote access, and examine the bank’s operations, including the way funds were being processed and transferred online.
- Budget Chinese phones come preloaded with malware, steals money and data — report
- New Qualcomm Snapdragon security flaws expose millions of Android users
The remote access also allowed the hackers to remove the safeguards and withdrawal limits of automated teller machines. The hackers withdrew the money over the three-day weekend provided by the Philippine’s national holiday Independence Day through several ATMs across interconnected ATM networks. Recorded surveillance videos in one of the ATMs showed that the one making a withdrawal had a dark skin.
The UCPB, along with the National Bureau of Investigation and Bangko Sentral ng Pilipinas, is currently investigating the incident. They’re also looking into the possibility that the heist was an inside job. According to the bank, its clients and account holders need not worry as their funds are not affected.