Nepal | May 30, 2020

Chinese men held for cyber heist worth millions

• Stole from ATMs in Nepal, India • Rs 12.63 million recovered • Five arrested, three at large

Ujjwal Satyal
Share Now:

Kathmandu, September 1

Police have arrested five Chinese nationals in connection with the country’s biggest cyber heist in the banking sector and recovered approximately Rs 12.63 million they stole from several ATMs in Kathmandu.

Those taken into police custody are Lin Jianmeng, 39, LuoJialei, 40, Zhu Lianggang, 32, Qui Yunging, 30, and Chen Bin Bin, 35. All of them had arrived in Nepal last Friday and were planning to flee to their home country tomorrow. Three other Chinese nationals involved in the debit card scam are at large. Police said their identities had been circulated to all police stations and Tribhuvan International Airport for arrest.

Nepal Rastra Bank stated that a total of Rs 16.87 million was looted in the cyber attack from Nepal between 11:00am
and 4:30 pm yesterday. Hackers also withdrew INR 12.4 million from various ATMs in India.

Nepal Electronic Payment System has claimed that Nepali banks lost over Rs 35 million in the cyber heist.

The hackers, according to police, used electronic cards of at least six banks — NIC Asia, Siddhartha, Janata, Global IME, Prabhu and Sunrise — and used them at ATMs of three banks — Nabil, Nepal Investment and Nepal SBI — to illegally withdraw the money in Nepal.

Police have so far recovered around Rs 12.63 million from the five Chinese nationals and rest of the cash looted from Nepal is suspected to have been carried away by the three absconders. “It might take a few more days to calculate the exact amount looted through the cyber attack,” said Shiva Ram Dawadi, head of IT Department at NRB.

The hackers allegedly injected malware into Nepal Electronic Payment System, a shared card switching system of 17 banks, to drain the cash from the ATMs. NEPS was established by a group of Nepali banks to process cash withdrawal requests. It basically carries a message sent by issuers of electronic cards, such as VISA, to member banks, whose cards are used for cash withdrawals. ATMs emit cash only after member banks give approval. In the latest cyber heist, the malware apparently gave ATMs the instruction to emit cash before the request to withdraw cash could reach the member bank.

“The malware allowed Chinese hackers to steal the money available in the ATMs without debiting bank accounts of depositors,” Nepal Bankers’ Association President Gyanendra Prasad Dhungana said. This means the cash was not stolen from accounts of depositors but from the vaults of ATMs.

The biggest cyber heist in Nepal’s banking sector was noticed by Nabil Bank staff on Saturday after the ATMs ran out of cash though they were refilled on Friday evening. The hackers had used Prabhu Bank’s debit card at Nabil’s ATM to withdraw cash. Generally, an ATM holds Rs 2.5 million in cash.

“Normally, ATMs get lesser visitors on Saturdays and other public holidays. But two booths of Nabil Bank were emptied in a short duration, which drew the attention of bank staffers, who then informed about the incident to police,” said Prabhu Bank CEO Ashok Sherchan.

Acting on information provided by bank staffers, police first held Zhu from the Durbar Marg-based ATM kiosk of Nabil Bank at around 4:30 pm, leading to arrests of four others from Maya Manor Boutique Hotel at Hattisar. Deputy Superintendent of Police Hobindra Bogati said, “Four of them were arrested from the sixth floor of the hotel when they were preparing to flee.” Police, however, failed to arrest three other Chinese nationals, who were staying in the third floor of the same hotel. The racketeers had booked three rooms at the hotel.

Police have confiscated 132 duplicate and 17 original VISA cards, a card printing machine, six mobile phones, a laptop and a data card from the Chinese hackers.

Had the bank staffers not noticed the incident and informed authorities on time, the hackers would have emptied many more ATMs and fled the country, according to bankers.

Senior Superintendent of Police Uttam Raj Subedi, in-charge at Metropolitan Police Range, Teku, said, “We are also looking for Nepali suspects who may have assisted the Chinese men in hacking VISA system of the banks.” He added that since hacking is often committed from abroad, Nepal Police with the support of NBA would conduct an investigation to establish the location where the hacking was guided from.

The NBA has appealed to bank customers not to panic because of the cyber attack as their deposits are safe and intact.

READ ALSO: 


A version of this article appears in print on September 02, 2019 of The Himalayan Times.


Follow The Himalayan Times on Twitter and Facebook

Recommended Stories:

More from The Himalayan Times:

Are we doing enough for the mental health of healthcare workers?

The number of coronavirus patients has been increasing over the past few days in Nepal. In the current scenario, it seems like the numbers would further increase in the coming days. Given that healthcare workers and frontline staff are the first responders to manage the ongoing pandemic with limited Read More...

Italy's Serie A gets green light for June 20 restart

Sports minister Spadafora says top-flight soccer can resume Italian Cup matches could be staged before league restarts Serie A will be fourth of Europe's top five leagues to return Juventus hold one point lead over Lazio with 12 games left ROME: Italy's top-flight Serie A soccer le Read More...

English Premier League announces June 17 restart

League to resume season subject to safety requirements Starts with Villa v Sheffield Utd and Man City v Arsenal Full fixture list scheduled for weekend of June 19-21 All of the remaining 92 fixtures to be broadcast live MANCHESTER, ENGLAND: The Premier League season will restart Read More...

UN, AI demand impartial probe into Rukum incident

Kathmandu, May 28 The attention of United Nations in Nepal has been drawn to the incident in Rukum (west), where five Dalit youths lost their lives and two went missing when the Dalit youths were chased by a group of villagers. The Dalit youths had gone to the village to help their friend marry a Read More...

‘Nepali Congress will support new map of Nepal’

Kathmandu, May 28 Nepali Congress Spokesperson Bishwa Prakash Sharma said at a press conference today that his party would stand in favour of the newly issued country’s map when the issue would come up in the Parliament but the party had reserved the right to take an organisational decision on Read More...

SC rules lockdown time as zero period  

Kathmandu, May 28   The Supreme Court today ruled that the period between March 22 and the time when the lockdown would end should be considered zero period for those whose deadline for filing or contesting cases or joining court proceedings had lapsed.   The grand Full bench of the apex Read More...

Zuckerberg distances Facebook from Twitter in Trump fight

SAN FRANCISCO: Facebook Chief Executive Mark Zuckerberg took pains to distance his company from Twitter and its fight with US President Donald Trump on Thursday, as the White House moved to scrap a law protecting social media companies. Republican Trump, who accuses social media firms of b Read More...

Budget size reduced by 3.8pc to Rs 1.47 trillion

Due priority given to health, employment generation and relief for crisis-hit businesses Khatiwada sets 7pc growth target for next fiscal Kathmandu, May 28 Amid uncertainties due to the spread of COVID-19 in the country, Finance Minister Yubaraj Khatiwada today unveiled a federal budget Read More...