Malta's Bank of Valetta (BOV) has pulled the plug on its entire internet access, including shutting down cashpoints and branch offices, after detecting a "cyber intrusion" by crims that tried to steal nearly €13m.
The Times of Malta reported: "All of the bank's functions – branches, ATMs, mobile banking and even email services – were suspended and its website taken offline."
In a statement reported by various local outlets, Maltese prime minister Joseph Muscat told parliament that the attack was detected shortly after the start of business today – and involved assailants, said to be from "overseas", trying to transfer €13m to a variety of banks spread across the UK, US, Czech Republic and Hong Kong.
The bank's website, BOV.com, is inaccessible at the time of writing. Even the domain's nameservers appear to have been wiped, judging from the results of multiple domain lookups attempted by The Register.
"Bank of Valletta apologises to its clients for any inconvenience caused and will be keeping its customers and the general public informed of developments," the bank said in a statement reported by the Times of Malta. It added that customers' funds "are in no way impacted or compromised" by the breach.
Local reports indicated that the bank's unprecedented shutdown had halted all payment processing, including payments made through shops' point-of-sale terminals where the backend infrastructure relies on BOV systems. An unnamed clothing retailer reportedly suggested problems started around 1.15pm local time (12.15 GMT) today.
Attacks against banks are not as uncommon as one might hope. Infamously, hackers acquired $60m from the Far Eastern International Bank in 2017 after compromising its internal network, while more recently North Korean cyberbaddies were blamed for siphoning $13.5m out of Cosmos Bank by targeting the Indian bank's ATM testing infrastructure to find a way in.
Two days ago the Bank of Valletta celebrated Safer Internet Day, according to a press release. ®