Canadian banks BMO and Simplii were the target of a hack attack earlier today, as the thieves stole the personal information of a combined 90,000 customers. The hackers demanded $1 million ransom in XRP.
The attack resulted in the compromise of the account holders details such as names, passwords, social insurance numbers, account numbers and balances. It was conducted by exploiting a weakness in the banks’ security systems. An algorithm which was used to conduct the attack was designed to quickly validate short numeric sequences such as credit card numbers.
These details were mentioned in an email sent by the attackers. The email also stated that the details would be leaked on a “fraud forum and fraud community” if the ransom was not paid by May 28th 11:59 PM.
The hackers stated that the algorithm they used allowed them to pose as account holders who forgot their password. They said:
“They were giving too much permission to half-authenticated account which enabled us to grab all these information. [The bank] was not checking if a password was valid until the security question were input correctly.”
In a statement to CBC News, the banks confirmed that the payment was not made. BMO said:
“Our practice is not to make payments to fraudsters. We are focused on protecting and helping our customers.”
“we are continuing to work with cybersecurity experts, law enforcement and others to protect our Simplii clients’ data and interests.”
The customers whose details were leaked were contacted by CBC News said that they were “very distressed” by the event. They also seemed to be worried about what they called “glaring gaps” in the banking systems.
This is indicative of the trend where hackers demand ransom payments in cryptocurrencies due to their untraceable nature and anonymity. Why they chose the XRP token for this is not mentioned, as the coin is more centralized than other cryptos, with the company Ripple holding 60% of all created coins.
Twitter user Rob Tomas said:
“This event highlights flaws in the traditional banking system. Cryptos FTW!”
The post Canadian banks hacked, thieves demand $1 million in Ripple [XRP] as ransom appeared first on AMBCrypto.