Customers of Uzbek banks suffer from a serious cyberattack

Social networks and some Telegram channels reported that servers were hacked, as a result of which fraudsters withdrew money from bank cards and took them out of the country.

After that, the Humo payment system announced that these reports were false and that the system met all security requirements.

The Central Bank also stated that there were no cyberattacks on banks and payment systems and that their operations currently meet all security requirements.

According to several victims contacted by Gazeta.uz, a large amount of money was withdrawn from their bank cards on November 11.

A student named Victoria reported that on the night of November 11, 19.7 million soums were withdrawn from her Humo card issued by Tenge Bank through three transfers. He knew this in the morning.

Victoria has received messages from Unired shipper as well as OFB-ex (probably OFB Express). She clarified that none of the apps with that name were installed on her phone.

A little later, Victoria’s husband installed the Unired program on her phone.

“This program has all the information about the Humo card, and the name of a stranger is written under my phone number. It was also seen that 19.7 million soums were transferred from this program to the card of another stranger. Later it turned out that these are real people who have accounts at Tenge Bank,” Victoria wrote.

Another victim, Sergey, said that on the night of November 11, money transfers totaling 74 million soums were made in four transactions from both Humo cards issued by InfinBank and Uzmilliybank through the Unired application. At night, as in previous cases, Sergey did not give the codes received by SMS to anyone.

The aforementioned Unired app belongs to Universalbank. Sergey said that he contacted this bank for an explanation.

“I learned from the bank employees that there are no security algorithms in the application (a person downloaded the application at night, connected a bank card to it and withdrew all the funds on the card, and the bank does not consider it a suspicious operation), and also that the daily limit is $10,000. Bank employees say that any person can pass identification (in my case, a certain stranger passed) and add any card without checking the cardholder's suitability,” Sergey wrote.

Diyorbek reported that on the night of November 11, he was sent several times confirmation codes for transactions he did not request. After that, funds amounting to 18.7 million soums from his Qishloq qurilish bank card and 2.8 million soums from the Xalq Banki card were debited.

“I tried to access my Unired account and I was able to do so. When I entered my account, it was not mine, but it was authenticated with another passport in the name of unknown,” Diyorbek wrote.

In all three cases cited above, the victims claimed to be sleeping at night (in all cases the transactions were made between 02:00 a.m. and 06:00 a.m.) and did not ask or transfer the codes to anyone. An application has been submitted to the law enforcement agencies regarding these cases.

Gazeta.uz has received information that at least 16 people suffered from unauthorized money transfers, and the amount of damage caused to them amounted to nearly 1 billion soums. So far, this information has not been clarified by government agencies.

Also, on Saturday, November 11, a member of the Potrebitel.uz group reported that a large amount of money was withdrawn overnight from the Humo card issued by Octobank (formerly Ravnaq Bank) through several transactions.

From the screenshots attached by a woman, it can be seen that the sender of Unired sent a code to her mobile phone several times to confirm the withdrawal of money from the bank card. According to the author, she did not give the codes to anyone. However, according to the information obtained from the screenshots, about 43 million soums were debited from the card in three operations.

Octobank, which issued the card of the author of the post, later commented on this situation. Bank employees investigated the incident and found out that the money transfer operations were carried out through the Unired Mobile application, and all transactions were confirmed using SMS codes sent from Unired Mobile.

“All possible flaws or malfunctions in Octobank’s anti-fraud system have been ruled out,” the report said.

The bank added that even if the client’s account is protected by anti-fraud software, SMS codes delivered to the client through oral, written, malicious software, fake phishing sites are one of the weakest points.