Hackers Demand $770,000 Ransom From Canadian Banks
Written by Matthew Schwartz
The ransom demand comes on the heels of Monday's reports from the Bank of Montreal, which operates as BMO Financial Group, and Simplii Financial, a banking subsidiary of the Canadian Imperial Bank of Commerce, that they had been warned that some of their client data may have been exposed on Sunday (see Two Canadian Banks Probe Alleged Exposure of Customer Data).
Neither bank commented to Information Security Media Group about how they learned about the alleged data breach, which both say they're investigating. BMO is Canada's fourth-largest bank by assets and may have had 50,000 customer details exposed. CIBC is the country's fifth-largest bank and may have had 40,000 customer details exposed.
"We warned BMO and Simplii that we would share their customers informations if they don't cooperate," reads an email from the purported thieves, CBC News reported on Wednesday.
In the email, which CBC reports was of Russian origin, the hackers claim they used an algorithm to generate authentic account numbers, which enabled them to pose as legitimate accountholders and begin a "lost password" process that enabled them to reset security questions and gain access to accounts.
"They were giving too much permission to half-authenticated account which enabled us to grab all these information," according to the email, which said each bank "was not checking if a password was valid until the security question were input correctly."
Hackers set a deadline to receive the ransom payment. "These ... profiles will be leaked on fraud forum and fraud community as well as the 90,000 left if we don't get the payment before May 28 2018 11:59PM," the email said.
It's not clear if attackers have followed through on that threat.