SBI ATM Glitch: Fraudsters Steal Rs 1 Crore via Hardware Tampering in Ludhiana
In a startling case of technical exploitation, a hardware vulnerability in State Bank of India (SBI) ATMs allowed a coordinated fraud syndicate to siphon nearly Rs 1 crore from the bank. The Ludhiana police commissionerate's cybercrime unit has launched a major investigation after registering a first-information report (FIR) this week, following a directive from the Ludhiana sessions court.
Sophisticated ATM Tampering Operation Uncovered
The fraud, which occurred between 2020 and 2021, involved the sophisticated tampering of 119 ATMs across Ludhiana. According to Inspector Satvir Singh, head of the cybercrime station, the suspects identified a specific vulnerability in the machines' transaction logic. "The accused would visit a kiosk and initiate a withdrawal," Satvir Singh explained. "While the cash was being dispensed, they would tamper with the machine manually to trigger a system error."
This manipulation, described as a "man-in-the-middle" physical attack, ensured that while the suspects successfully walked away with the banknotes, the ATM's internal sensors recorded a "transaction failure." This triggered an automated reversal, with SBI's system refunding the "unsuccessful" amount back into the suspects' accounts, effectively doubling their money.
Organized Network and Investigation Challenges
The scale of the operation suggests a highly organized criminal network. Investigators believe more than 100 "mule accounts" were used to funnel the funds, with multiple transactions often made from a single account before it was discarded. The case has been registered under sections 420 (cheating) and 120-B (criminal conspiracy) of the Indian Penal Code (IPC).
Police are now coordinating with bank officials to retrieve years-old CCTV footage and account KYC (know your customer) data. However, authorities have noted that the time elapsed since the 2020-21 crimes may complicate the recovery of digital and physical evidence. Inspector Satvir Singh emphasized, "Every account holder involved in these transactions will be traced."
Bank Response and Technical Fix
SBI has since identified and patched the technical glitch to prevent further exploitation. The bank reportedly struggled initially to initiate a police investigation, leading to the legal intervention by the Ludhiana sessions court. This case highlights the ongoing challenges financial institutions face in securing ATM hardware against physical tampering and cybercrime.
As the investigation continues, it underscores the need for enhanced security measures and prompt action in addressing such vulnerabilities to protect customer funds and maintain trust in banking systems.
