Business 1 June 2018

Erik Gibbs

Hackers attack Canadian banks, demand $1M in XRP as ransom

Two Canadian banks, Simplii Financial and the Bank of Montreal (BMO), were on damage control after hackers reportedly bypassed their security and stole the data of tens of thousands of the banks’ clients. According to reports, the hackers contacted the banks following the theft, demanding a payment of $1 million in Ripple (XRP), or they would release the information to the dark web. The hackers even gave details on how they got into the systems.

According to a report by CBC News, the hackers were able to make off with names, passwords, account numbers and balances, social insurance numbers and security questions and answers for over 90,000 customers of the two banks. The thieves then contacted the bank via email demanding the ransom payment.

In the email, which reportedly was sent from somewhere in Russia, the hackers said, “We warned BMO and Simplii that we would share their customers information [sic] if they don’t cooperate.  These … profile will be leaked on fraud forum and fraud community as well as the 90,000 left if we don’t get the payment before May 28 2018 11:59PM.”

The group said that it was able to access the banks’ “sub-par security” through the use of an algorithm that generated account numbers. With that information, it was able to pose as customers who had forgotten their passwords, and gained access.

“They were giving too much permission to half-authenticated account which enabled us to grab all these [sic] information,” said the hackers in the email. They added that the system “was not checking if a password was valid until the security question [sic] were input correctly.”

To confirm the validity of the theft claims, the hackers provided examples of the customer data in their possession to the banks.

The ransom was due several days ago but there has not been any public verification of whether or not it was paid, or if the information was, in fact, released to the dark web. BMO refused to pay the ransom, stating, “Our practice is not to make payments to fraudsters. We are focused on protecting and helping our customers.”

Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.

Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.

COMMENT

latest news

‘Irresponsible tweets’ land John McAfee in hot water with Skycoin

Business 22 March 2019

‘Irresponsible tweets’ land John McAfee in hot water with Skycoin

Skycoin has responded on Twitter that it John McAfee’s comments about “whale f--king” that actually led to the project being forced to sever ties with the cryptocurrency influencer.

Read More
Watch out: Fake Wasabi crypto wallet out to steal your crypto

Business 22 March 2019

Watch out: Fake Wasabi crypto wallet out to steal your crypto

The scam wallet is an uncanny clone of the real Wasabi wallet. It comes with a fake website and for those who are not keen, it's almost impossible to distinguish between it and the real one.

Read More
UPS partners with blockchain startup for B2B platform

Business 22 March 2019

UPS partners with blockchain startup for B2B platform

UPS, a global leader in logistics, announced a partnership with Inxeption that targets B2B merchants.

Read More