“The Indian Cyber Force strikes back after the Pahalgam attack, breaching Pakistan’s largest bank, HBL!”
After careful examination, the hack reveals whole IBANs and account numbers in plaintext linked to bank names and employee IDs. After the initial formatting error in the IBANs was fixed, the critical data risk was verified. It is suspected that there are systemic vulnerabilities during batch updates.
Dipanshu Kumar , HackingBlogs
Hello My Dear Users Of HackingBlogs,
Today We’ll be looking at the recent cyber strike made my the Indian Cyber Force. Who Are They, what data has been exposed what are it’s after cause and analysis of the data exposed. So without any futher ado let us get right into the blog article.
Who Are the Indian Cyber Force ?
The Indian Cyber Force (ICF) is a claimed structured cyber force that appears to be involved in India’s cybersecurity projects, namely in offensive and defense cyber operations. Several reports and claims suggest that the ICF is a highly qualified, semi-official collective engaged in cyberwarfare operations in reaction to national security threats, despite the fact that the Indian government does not formally recognize the group. Similar to state-backed or state-affiliated hacking units, the group appears to operate with a degree of transparency.
Let’s Have A look at there past reports
ICF in the past has made several breaches particularly in Pakistan, China carrying out cyberattacks against suspected enemies, including as interfering with their digital infrastructure and using hacking to obtain info.
2016 – Surgical Strike Cyber Operations
ICF reportedly began cyber operations against Pakistani military and government websites following the Uri incident, employing DDoS, SQL injection, and website defacement to mess with services and communicate a political message.
2023 – Breach of Habib Bank Limited (HBL)
ICF faces the claim of breaking into HBL’s employee site and using malware and spear phishing to obtain private information, perhaps compromising internal and financial data.
2014 – Operation #OpPakistan
A series of cyberattacks targeting Pakistani military and government sites, using phishing, DDoS, and SQL injection, in retaliation for rising tensions between the two nations.
Latest Update On Breach : HBL Bank
On X The ICF Group Posted :
Indian Cyber Force @CyberForceX
We have breached Pakistan’s largest bank, HBL (Habib Bank Limited).
🔥 Employee portal 🔥.Download Sample:
https://t.me/Indian_Cyber_Force_Rise/14
To obtain the full data breach, contact us.
Providing The Sample Data To Users. Along With A Mediafiles Showcasing different files containing the breaches. On There official telegram channel the hacker collective wrote :
“The Palgham attack, perpetrated by terrorists operating from Pakistani soil, demands an unequivocal and unrelenting response. We will no longer tolerate threats to our sovereignty. A decisive Cyber Attack will Begin to dismantle critical infrastructure, financial systems, and networks enabling these acts of terror. Every entity complicit in violence will face consequences. This is not mere retaliation it is a calculated, devastating strike to degrade their capacity for harm. Let there be no ambiguity those who target our people will be held accountable, without mercy or hesitation. Bhikharisthan, it’s time your daddy aka BHARAT donates you some fresh Aaata.”
Various Other Sites Also Hacked By The ICF Group
Along With Breaching the HBL Bank , the group also made it’s way through the systems of The Bank Of Punjab by taking down the site for a duration of more than 12 hours. They Breached the Pakistani government and private sector databases which includes Euro Oil, AJK Supreme Court, University of Balochistan, Wada Call Agency, Sindh Police
And Then Uploaded the Breach material to a seperate Account @Pakistanbreach.
What Does The Breach Of HBL Bank Contains ?
As mentioned the HBL Breach Contains
- Bank details
- Employee documents
- Salaries
- Education info
- Loans & allowances
- Password resets
- …and more.
Security Analysis Of The Leaked Data
The hack made sensitive employee financial information, such as names, account numbers, IBANs, and bank names (HBL, etc.), public. Furthermore, payment methods and transaction dates were made public, raising the possibility of financial crime and phishing.
Account numbers and exposed IBANs may be misused for illegal activities. Account names present a risk of identity theft. Internal salary systems are revealed via payment method information, which serves as a road map for focused attacks.
| Employee ID | Correct IBAN | Bank Name | Account Number | Risk Level |
|---|---|---|---|---|
| 19663 | 11927900700103 | HBL | 11927900700103 | CRITICAL |
| 19666 | 11927900700107 | HBL | 11927900700107 | CRITICAL |
| 19674 | 11927900700108 | Missing | 11927900700108 | CRITICAL |
| 19679 | 11927900700109 | Missing | 11927900700109 | CRITICAL |
On Converting the IBANS Which were auto-converted to scientific notation (by Excel or database exports).
In addition to phishing, attackers can start fraudulent bank transfers using IBAN + Account Number. In the event that other datasets are later compromised, employee ID linkage may potentially enable complete identity reconstruction.
