IND-S17 Hacker Group Breaches NBP Bank, Exposing Data of 52,000 Users
Hello everyone,
In Today Article I’m going to share the whole Story to you all of this recent NBP Bank Data breached by IND-S17 Hackers Group.
Let’s begin this whole Data Breached Story and this whole incident have 2 part’s.
These are the following parts :
- How I reached to it.
- What I saw there .
Let’s start with the first part, “How I reached it.” So basically, about this incident, I found out on January 23, 2024, at 1:20 A.M. As part of my daily routine, I engage in practicing various hacking techniques. After spending long hours on it, I feel tired. So, to relax, I started the Tor Browser and began surfing on Tor as usual. Then, I received a message from my friend informing me about the IND-S17 Hacker Group breaching the NBP Bank data, exposing the data of 52,000 users. After some time, he sent me the link to the official website (hosted on Tor) of that group, where they posted many things related to this breach. Upon learning this, my curiosity peaked, and I was eager to explore this data breach deeply. Then, I went through the link that was sent by my friend.
NBP Bank (National Bank of Pakistan) is one of the top 3 banks in Pakistan.
Let’s move to the second Part i.e, “ What I saw there ”.
“I’ll show you all what I saw when I searched the link on the Tor Browser. The URL is :
“ isuudydx3m3rn6gulgmkz6iehds7irtj33mx74hhdvtt5uru3stj24ad.onion ”
As soon as the website loaded successfully, the first interface I saw contained a total of 4 files, as you can see in the image above.
At that time, I felt insecure about opening these image and index files. Still, I took the risk and opened the index.html file. What I saw after opening the index.html file was so crazy. Let me show you everything, as I have taken screenshots of all the important slides.
1.
Banner of the Group who breached the 52K USERS BANK DETAILS of NBP Bank.
2.
In this slide, they uploaded some proof and blurred it for some reason. As you can see in this image, there are actual details of the users behind the blurred portion, such as name, passport/CNIC number, address, account number, etc. That’s crazy and horrible because 52,000 users’ details have been breached. They mentioned the date, which I think is the date when they successfully breached the NBP Bank data { may be : ) }. They also mentioned the data size and file type, i.e., a 5 MB ZIP file. Along with this, the next thing they mention is that this data is currently not for sale.
3.
Here they said that all blurred data they upload is real, and they also mention the “ data we got is ”, as you all seen in the image. They mention all points, and according to me, the proof is real because of the green color users data spot in the second image you have seen.
So, that’s all I have seen, and these are the screenshots I have taken. This data breach incident is very concerning for NBP Bank’s security because 52,000 user details is exposed.
I hope you like It : )
RED TEAM-001
