Hackers attack Canadian banks, demand $1M in XRP as ransom

Two Canadian banks, Simplii Financial and the Bank of Montreal (BMO), were on damage control after hackers reportedly bypassed their security and stole the data of tens of thousands of the banks’ clients. According to reports, the hackers contacted the banks following the theft, demanding a payment of $1 million in Ripple (XRP), or they would release the information to the dark web. The hackers even gave details on how they got into the systems.

According to a report by CBC News, the hackers were able to make off with names, passwords, account numbers and balances, social insurance numbers and security questions and answers for over 90,000 customers of the two banks. The thieves then contacted the bank via email demanding the ransom payment.

In the email, which reportedly was sent from somewhere in Russia, the hackers said, “We warned BMO and Simplii that we would share their customers information [sic] if they don’t cooperate.  These … profile will be leaked on fraud forum and fraud community as well as the 90,000 left if we don’t get the payment before May 28 2018 11:59PM.”

The group said that it was able to access the banks’ “sub-par security” through the use of an algorithm that generated account numbers. With that information, it was able to pose as customers who had forgotten their passwords, and gained access.

“They were giving too much permission to half-authenticated account which enabled us to grab all these [sic] information,” said the hackers in the email. They added that the system “was not checking if a password was valid until the security question [sic] were input correctly.”

To confirm the validity of the theft claims, the hackers provided examples of the customer data in their possession to the banks.

The ransom was due several days ago but there has not been any public verification of whether or not it was paid, or if the information was, in fact, released to the dark web. BMO refused to pay the ransom, stating, “Our practice is not to make payments to fraudsters. We are focused on protecting and helping our customers.”