Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Flutterwave. Show all posts

Flutterwave Hit by Unknow Hackers Lost Millions of Dollars

Flutterwave, Africa's largest startup, suffered a cyberattack resulting in the disappearance of over ₦2.9 billion (~$4.2 million) from its accounts last month. According to the reports, the missing funds were transferred across 28 accounts in 63 transactions in early February by unknown threat actors.
 
Flutterwave is currently investigating the attack with law enforcement agencies to freeze accounts across 27 financial institutions that were involved in the transactions. Following the news about the case, several tweets surfaced regarding the alleged hack, some providing information while others complained about frozen accounts possibly linked to the incident. 

Meanwhile, Flutterwave has denied hacking by saying that “at Flutterwave, we understand that our customer’s personal and financial information is of the utmost importance. We take this responsibility seriously and understand that any potential security breach can cause anxiety and concern among our customers. We want to reassure you that Flutterwave has not been hacked”. 

Following the investigation, a legal request has been made to freeze 107 accounts, including the fifth beneficiary of those accounts, which has been placed on lien/Post-No-Debit (PND) to prevent the account owners from withdrawing any funds. 

These measures have been taken to ensure that the money remains in those accounts until the investigation into the hack is completed and the issue is resolved. The term "fifth beneficiaries" refers to the individuals who received the funds from those 107 accounts. 

“As a financial institution, we monitor transactions through our transaction monitoring systems and 24-hour fraud desk and review any suspicious activity. We collaborate with other financial institutions and law enforcement agencies to keep our ecosystem safe and secure...” 

“…During a routine check of our transaction monitoring system, we identified an unusual trend of transactions on some users’ profiles. Our team immediately launched a review (in line with our standard operating procedure), which revealed that some users who had not activated some of our recommended security settings might have been susceptible", Flutterwave further added to the statement. 

However, as of now, it is unclear how the threat actors were able to carry out the attack, but some people online are suggesting that the hackers might have tricked the merchants into giving away their security keys. This could have given the threat actors access to the money in the merchants' Flutterwave accounts.