On January 10, 2025, a cyberattack targeted the RTGS/NEFT transaction system of Karnataka’s Ballari District Co-operative Central (BDCC) Bank, leading to the theft of around $280,000 (₹2.34 crore). Hackers exploited vulnerabilities in the bank’s system by altering account numbers and IFSC codes during a regular transfer to IDBI Bank. This allowed stolen funds to be redirected to 25 different accounts in northern India, although the beneficiary names remained unchanged.
The issue was uncovered on January 13, 2025, after several customers noticed discrepancies, particularly unprocessed transfers.
Further investigation revealed that unauthorized transfers exceeding ₹5 lakh were diverted, prompting the bank to suspend its RTGS/NEFT services and file a formal complaint. Authorities launched an investigation under the Information Technology Act and fraud-related sections.
The cyberattack targeted customers’ funds by manipulating the transfer process without raising suspicion in the names of the recipients. This highlights the vulnerability of financial systems to sophisticated cyber attacks, especially in RTGS/NEFT transactions. The swift response by BDCC Bank and authorities is aimed at minimizing further damage and holding the perpetrators accountable.
BDCC Bank’s vigilance and rapid action have led to the filing of an FIR with the local police and a detailed investigation to track the criminals behind this attack. The case was subsequently referred to the Ballari Cyber Economic Narcotics Police Station for further probe, as part of the ongoing fight against cybercrime in India.
Reference:
