Hackers Steal $20 Million by Exploiting Flaw in Revolut’s Payment Systems

Malicious actors exploited an unknown flaw in Revolut’s payment systems to steal more than $20 million of the company’s funds in early 2022.

The development was reported by the Financial Times, citing multiple unnamed sources with knowledge of the incident. The breach has not been disclosed publicly.

The fault stemmed from discrepancies between Revolut’s U.S. and European systems, causing funds to be erroneously refunded using its own money when some transactions were declined.

The problem was first detected in late 2021. But before it could be closed, the report said organized criminal groups leveraged the loophole by “encouraging individuals to try to make expensive purchases that would go on to be declined.” The refunded amounts would then be withdrawn from ATMs.

The exact technical details associated with the flaw are currently unclear.

About $23 million was stolen in total, with some funds recovered by pursuing those who had withdrawn cash. The mass fraud scheme is said to have resulted in a net loss of about $20 million for the neobank and fintech firm.

The disclosure arrives less than a week after Interpol announced the arrest of a suspected senior member of a French-speaking hacking crew known as OPERA1ER, which has been linked to attacks aimed at financial institutions and mobile banking services with malware, phishing campaigns, and large-scale Business Email Compromise (BEC) scams.

– The Hacker News

Related posts

IBM Study: More Companies Turning to Open-Source AI Tools to Unlock ROI

RUCKUS Wi-Fi 6 Solution Improves Campus Experience for Amrita University

Team Computers Launches Global Delivery Center in Uttarakhand to Transform Rural India

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More