Chinese hackers stole over Rs 35 million – and then got caught

  • September 6, 2019

If not for the vigilance of Nepal Police and one bank employee – Chinese hackers’ would have evaded with over NRS 35 million.

While investigation of the hacking case continues, Nepal Police had last made public the news that the Chinese hackers had first attacked Indian ATMs first – however they were withdrawing money from Nepali banks – using the same technology. After a successful heist they arrived in Kathmandu – all was well until one bank employee found something suspicious.

“There was no way the Nabil Bank ATM booth in Durbar Marg could be emptied out via withdrawals in 24 hours”.

He accordingly informed the police who sent out officers dressed up as civilians to monitor the area – the team found a particular Chinese national making lots of withdrawals. They approached him, and that was how the whole racket was exposed.

Nepal Rastra Bank, the central bank of the country, said on Thursday that the Chinese hackers had stolen a total of Rs. 35.88 million from various automatic teller machines (ATMs) of Nepal and India by hacking Nepali pin codes.

The arrested six Chinese nationals had hacked not only the ATMs in Nepal but also found to have applied the same technique while drawing money from the India-based ATMs amounting to Rs. 16.94 million, according to the report made public by the NRB on Thursday.  Earlier, they had stolen Rs. 16.8 million from Nepali ATMs. In Nepal, the arrested Chinese nationals had visited 68 ATM booths using ATM cards of 17 banks, including the commercial banks, Niroula said.

The report submitted by Mishra-led team had also forwarded two types of recommendations – long and short term- to tackle the challenges of ATM hacking carried out by the Chinese hackers and others.  The report has recommended conducting a separate but thorough study, investigation and analysis of the incident by teams of special IT experts. It further suggested the NRB to conduct a regular monitoring and surveillance of all the electronic cards and network system involved while drawing money from the ATM. The report has further suggested every bank and financial institution to carry out risk evaluation of their different modes of transaction system, including payment service provider (PSP) and payment system operator (PSO), and way forward for risk reduction.

Earlier, the NRB and the Nepal Police had said that cash Rs. 16.8 million was stolen from the ATMs of Nepali banks.
During the police raid in the ATMs, police had seized Rs. 12.6 million cash from five arrested Chinese nationals and additional USD 6,000 from another Chinese-born French citizen Su Lusli, who was arrested from Tribhuvan International Airport, on Sunday night.  In the connection, police had also arrested three money changer owners for helping the Chinese nationals to exchange the Nepali currencies into the U.S. dollars.