<link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3448621598664628523&zx=0bc519f3-f427-40a5-8431-510875bd1c6b' media='none' onload='if(media!='all')media='all'' rel='stylesheet'/><noscript><link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3448621598664628523&zx=0bc519f3-f427-40a5-8431-510875bd1c6b' rel='stylesheet'/></noscript>
<meta name='google-adsense-platform-account' content='ca-host-pub-1556223355139109'/>
<meta name='google-adsense-platform-domain' content='blogspot.com'/>

<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1618281995222563&host=ca-host-pub-1556223355139109" crossorigin="anonymous"></script>

<!-- data-ad-client=ca-pub-1618281995222563 -->

<link rel="stylesheet" href="https://fonts.googleapis.com/css2?display=swap&family=Playfair+Display&family=Indie+Flower&family=Open+Sans&family=Poppins"></head><body>

Customize your view

Setting applies to this browser only

Background

Light
Dark
System default

Flaw in Revolut's Payment System Leads to $20 Million Theft

Admin

July 10, 2023

Table of Contents

Revolut 20 million hack

In what seems to be a major breach, a flaw in Revolut's US payment system led to a theft of over $20 million, the FT reported.

Organized criminals exploited an unknown flaw in the company's payment system over several months in 2021 and 2022, before it was eventually addressed in spring 2022.

The technical flaw arose due to disparities between the European and US payment systems. In certain cases, transactions were incorrectly refunded when declined, causing Revolut to inadvertently distribute its own money.

Criminal gangs allegedly capitalized on this flaw by encouraging individuals to attempt large purchases that would inevitably be declined, allowing the refunded sums to be withdrawn via ATMs.

The illicit activities remained undetected until a partner bank in the US raised an alert over discrepancies in cash holdings. After realizing the issue, Revolut's US subsidiary requested substantial cash injections from its parent company in the UK.

About $23 million was stolen in total, with some funds recovered by pursuing those that had withdrawn cash, resulting in a net loss of about $20 million, the FT added.

Currently, Revolut hasn't commented anything regarding the matter.

Read Also

Share:

You may like these posts Show all

Post a Comment

<script type="text/javascript" src="https://www.blogger.com/static/v1/widgets/1611936031-widgets.js"></script>
<script type='text/javascript'>
window['__wavt'] = 'AOuZoY7U39goomNdQfKZfy-eIRCab7Inag:1720040109168';_WidgetManager._Init('//www.blogger.com/rearrange?blogID\x3d3448621598664628523','//www.cyberkendra.com/2023/07/flaw-in-revoluts-payment-system-leads.html','3448621598664628523');
_WidgetManager._SetDataContext([{'name': 'blog', 'data': {'blogId': '3448621598664628523', 'title': 'Cyber Kendra', 'url': 'https://www.cyberkendra.com/2023/07/flaw-in-revoluts-payment-system-leads.html', 'canonicalUrl': 'https://www.cyberkendra.com/2023/07/flaw-in-revoluts-payment-system-leads.html', 'homepageUrl': 'https://www.cyberkendra.com/', 'searchUrl': 'https://www.cyberkendra.com/search', 'canonicalHomepageUrl': 'https://www.cyberkendra.com/', 'blogspotFaviconUrl': 'https://www.cyberkendra.com/favicon.ico', 'bloggerUrl': 'https://www.blogger.com', 'hasCustomDomain': true, 'httpsEnabled': true, 'enabledCommentProfileImages': true, 'gPlusViewType': 'FILTERED_POSTMOD', 'adultContent': false, 'analyticsAccountNumber': 'G-YN9DJXCC22', 'analytics4': true, 'encoding': 'UTF-8', 'locale': 'en', 'localeUnderscoreDelimited': 'en', 'languageDirection': 'ltr', 'isPrivate': false, 'isMobile': false, 'isMobileRequest': false, 'mobileClass': '', 'isPrivateBlog': false, 'isDynamicViewsAvailable': true, 'feedLinks': '\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.cyberkendra.com/feeds/posts/default\x22 /\x3e\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/rss+xml\x22 title\x3d\x22Cyber Kendra - RSS\x22 href\x3d\x22https://www.cyberkendra.com/feeds/posts/default?alt\x3drss\x22 /\x3e\n\x3clink rel\x3d\x22service.post\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.blogger.com/feeds/3448621598664628523/posts/default\x22 /\x3e\n\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.cyberkendra.com/feeds/1324420463094911963/comments/default\x22 /\x3e\n', 'meTag': '', 'adsenseClientId': 'ca-pub-1618281995222563', 'adsenseHostId': 'ca-host-pub-1556223355139109', 'adsenseHasAds': true, 'adsenseAutoAds': true, 'boqCommentIframeForm': true, 'loginRedirectParam': '', 'view': '', 'dynamicViewsCommentsSrc': '//www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js', 'dynamicViewsScriptSrc': '//www.blogblog.com/dynamicviews/608bb9e90ae60b5a', 'plusOneApiSrc': 'https://apis.google.com/js/platform.js', 'disableGComments': true, 'interstitialAccepted': false, 'sharing': {'platforms': [{'name': 'Get link', 'key': 'link', 'shareMessage': 'Get link', 'target': ''}, {'name': 'Facebook', 'key': 'facebook', 'shareMessage': 'Share to Facebook', 'target': 'facebook'}, {'name': 'BlogThis!', 'key': 'blogThis', 'shareMessage': 'BlogThis!', 'target': 'blog'}, {'name': 'Twitter', 'key': 'twitter', 'shareMessage': 'Share to Twitter', 'target': 'twitter'}, {'name': 'Pinterest', 'key': 'pinterest', 'shareMessage': 'Share to Pinterest', 'target': 'pinterest'}, {'name': 'Email', 'key': 'email', 'shareMessage': 'Email', 'target': 'email'}], 'disableGooglePlus': true, 'googlePlusShareButtonWidth': 0, 'googlePlusBootstrap': '\x3cscript type\x3d\x22text/javascript\x22\x3ewindow.___gcfg \x3d {\x27lang\x27: \x27en\x27};\x3c/script\x3e'}, 'hasCustomJumpLinkMessage': false, 'jumpLinkMessage': 'Read more', 'pageType': 'item', 'postId': '1324420463094911963', 'postImageThumbnailUrl': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNQNwBnXZ9Ib-nXzNUUJWo_-cvHpLuEOxwCPjgZYl7yRHmm-rwugO9ZtER6ukXoGUAXRZ70hkMfogrhv1l23114rnMny_GHDLrlr0rrPyJX8-qmbGAsorS0vJ4ngjf2yWArvxfBmoway0VS0UOKbS9wv0GgX7J4n6orp0WhcHrhHs6MBGWk0MPCD0O32M/s72-c/Revolut%20hack.webp', 'postImageUrl': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNQNwBnXZ9Ib-nXzNUUJWo_-cvHpLuEOxwCPjgZYl7yRHmm-rwugO9ZtER6ukXoGUAXRZ70hkMfogrhv1l23114rnMny_GHDLrlr0rrPyJX8-qmbGAsorS0vJ4ngjf2yWArvxfBmoway0VS0UOKbS9wv0GgX7J4n6orp0WhcHrhHs6MBGWk0MPCD0O32M/s16000/Revolut%20hack.webp', 'pageName': 'Flaw in Revolut\x27s Payment System Leads to $20 Million Theft', 'pageTitle': 'Cyber Kendra: Flaw in Revolut\x27s Payment System Leads to $20 Million Theft', 'metaDescription': ''}}, {'name': 'features', 'data': {}}, {'name': 'messages', 'data': {'edit': 'Edit', 'linkCopiedToClipboard': 'Link copied to clipboard!', 'ok': 'Ok', 'postLink': 'Post Link'}}, {'name': 'template', 'data': {'name': 'custom', 'localizedName': 'Custom', 'isResponsive': true, 'isAlternateRendering': false, 'isCustom': true}}, {'name': 'view', 'data': {'classic': {'name': 'classic', 'url': '?view\x3dclassic'}, 'flipcard': {'name': 'flipcard', 'url': '?view\x3dflipcard'}, 'magazine': {'name': 'magazine', 'url': '?view\x3dmagazine'}, 'mosaic': {'name': 'mosaic', 'url': '?view\x3dmosaic'}, 'sidebar': {'name': 'sidebar', 'url': '?view\x3dsidebar'}, 'snapshot': {'name': 'snapshot', 'url': '?view\x3dsnapshot'}, 'timeslide': {'name': 'timeslide', 'url': '?view\x3dtimeslide'}, 'isMobile': false, 'title': 'Flaw in Revolut\x27s Payment System Leads to $20 Million Theft', 'description': 'Cyber Kendra is the best source for Cybersecurity and Hacking News. Along with that read about How To\x27s , Infosec and Network Security', 'featuredImage': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNQNwBnXZ9Ib-nXzNUUJWo_-cvHpLuEOxwCPjgZYl7yRHmm-rwugO9ZtER6ukXoGUAXRZ70hkMfogrhv1l23114rnMny_GHDLrlr0rrPyJX8-qmbGAsorS0vJ4ngjf2yWArvxfBmoway0VS0UOKbS9wv0GgX7J4n6orp0WhcHrhHs6MBGWk0MPCD0O32M/s16000/Revolut%20hack.webp', 'url': 'https://www.cyberkendra.com/2023/07/flaw-in-revoluts-payment-system-leads.html', 'type': 'item', 'isSingleItem': true, 'isMultipleItems': false, 'isError': false, 'isPage': false, 'isPost': true, 'isHomepage': false, 'isArchive': false, 'isLabelSearch': false, 'postId': 1324420463094911963}}, {'name': 'widgets', 'data': [{'title': 'Template Code (Do not disable)', 'type': 'HTML', 'sectionId': 'settings', 'id': 'HTML45'}, {'title': 'Cyber Kendra (Header)', 'type': 'Header', 'sectionId': 'header', 'id': 'Header1'}, {'title': 'Recent searches', 'type': 'HTML', 'sectionId': 'custom_searches', 'id': 'HTML2'}, {'title': 'Most popular', 'type': 'PopularPosts', 'sectionId': 'custom_searches', 'id': 'PopularPosts2', 'posts': [{'title': 'Hamster Kombat: Daily Combo and Cipher Answer for June 30', 'id': 8066608203555572519}, {'title': 'Download ExaGear APK + obb - Windows Emulator for Android', 'id': 3731719425182612328}, {'title': 'regreSSHion - Critical Remote Code Execution Vulnerability Discovered in OpenSSH', 'id': 8748604690741712774}, {'title': 'Pirates Bay Proxy List 2024: Unblock Pirate Bay [July Updated]', 'id': 7709902560608743927}, {'title': 'Hamster Kombat: Daily Cipher and Daily Combo Answer for June 28', 'id': 4427742985928455860}, {'title': 'TeamViewer Confirms Breach in Corporate IT Environment, Investigations Ongoing', 'id': 8592904885616002446}]}, {'title': 'Live Search', 'type': 'HTML', 'sectionId': 'custom_searches', 'id': 'HTML3'}, {'title': 'Menu', 'type': 'LinkList', 'sectionId': 'section', 'id': 'LinkList1'}, {'title': '', 'type': 'HTML', 'sectionId': 'billboard_ads', 'id': 'HTML6'}, {'title': 'Blog Posts', 'type': 'Blog', 'sectionId': 'main', 'id': 'Blog1', 'posts': [{'id': '1324420463094911963', 'title': 'Flaw in Revolut\x27s Payment System Leads to $20 Million Theft', 'featuredImage': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNQNwBnXZ9Ib-nXzNUUJWo_-cvHpLuEOxwCPjgZYl7yRHmm-rwugO9ZtER6ukXoGUAXRZ70hkMfogrhv1l23114rnMny_GHDLrlr0rrPyJX8-qmbGAsorS0vJ4ngjf2yWArvxfBmoway0VS0UOKbS9wv0GgX7J4n6orp0WhcHrhHs6MBGWk0MPCD0O32M/s16000/Revolut%20hack.webp', 'showInlineAds': false}], 'footerBylines': [{'regionName': 'footer1', 'items': [{'name': 'author', 'label': 'Oleh'}, {'name': 'timestamp', 'label': 'pada tanggal'}, {'name': 'comments', 'label': 'Post a Comment'}, {'name': 'share', 'label': ''}]}, {'regionName': 'footer2', 'items': [{'name': 'labels', 'label': ''}]}], 'allBylineItems': [{'name': 'author', 'label': 'Oleh'}, {'name': 'timestamp', 'label': 'pada tanggal'}, {'name': 'comments', 'label': 'Post a Comment'}, {'name': 'share', 'label': ''}, {'name': 'labels', 'label': ''}]}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'top_ads', 'id': 'HTML90'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'middle_ads_1', 'id': 'HTML91'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'parallax_ads', 'id': 'HTML92'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'middle_ads_2', 'id': 'HTML93'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'bottom_ads', 'id': 'HTML94'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'matched_content_ads', 'id': 'HTML75'}, {'title': '', 'type': 'LinkList', 'sectionId': 'custom_widget_posts2', 'id': 'LinkList3'}, {'title': '', 'type': 'HTML', 'sectionId': 'sidebar', 'id': 'HTML13'}, {'title': 'Trending!', 'type': 'PopularPosts', 'sectionId': 'sidebar', 'id': 'PopularPosts1', 'posts': [{'title': 'Hamster Kombat: Daily Combo and Cipher Answer for June 30', 'id': 8066608203555572519}, {'title': 'Download ExaGear APK + obb - Windows Emulator for Android', 'id': 3731719425182612328}, {'title': 'regreSSHion - Critical Remote Code Execution Vulnerability Discovered in OpenSSH', 'id': 8748604690741712774}, {'title': 'Pirates Bay Proxy List 2024: Unblock Pirate Bay [July Updated]', 'id': 7709902560608743927}, {'title': 'Hamster Kombat: Daily Cipher and Daily Combo Answer for June 28', 'id': 4427742985928455860}, {'title': 'TeamViewer Confirms Breach in Corporate IT Environment, Investigations Ongoing', 'id': 8592904885616002446}]}, {'title': '', 'type': 'HTML', 'sectionId': 'sticky_sidebar', 'id': 'HTML12'}, {'title': '', 'type': 'HTML', 'sectionId': 'sticky_sidebar', 'id': 'HTML4'}, {'title': 'Footer Credit', 'type': 'HTML', 'sectionId': 'footer_widget_1', 'id': 'HTML38'}, {'title': 'Social Media', 'type': 'LinkList', 'sectionId': 'footer_widget_1', 'id': 'LinkList10'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'custom_script', 'id': 'HTML5'}]}]);
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML45', 'settings', document.getElementById('HTML45'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HeaderView', new _WidgetInfo('Header1', 'header', document.getElementById('Header1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML2', 'custom_searches', document.getElementById('HTML2'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_PopularPostsView', new _WidgetInfo('PopularPosts2', 'custom_searches', document.getElementById('PopularPosts2'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML3', 'custom_searches', document.getElementById('HTML3'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList1', 'section', document.getElementById('LinkList1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML6', 'billboard_ads', document.getElementById('HTML6'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_BlogView', new _WidgetInfo('Blog1', 'main', document.getElementById('Blog1'), {'cmtInteractionsEnabled': false}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML90', 'top_ads', document.getElementById('HTML90'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML91', 'middle_ads_1', document.getElementById('HTML91'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML92', 'parallax_ads', document.getElementById('HTML92'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML93', 'middle_ads_2', document.getElementById('HTML93'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML94', 'bottom_ads', document.getElementById('HTML94'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML75', 'matched_content_ads', document.getElementById('HTML75'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList3', 'custom_widget_posts2', document.getElementById('LinkList3'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML13', 'sidebar', document.getElementById('HTML13'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_PopularPostsView', new _WidgetInfo('PopularPosts1', 'sidebar', document.getElementById('PopularPosts1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML12', 'sticky_sidebar', document.getElementById('HTML12'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML4', 'sticky_sidebar', document.getElementById('HTML4'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML38', 'footer_widget_1', document.getElementById('HTML38'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList10', 'footer_widget_1', document.getElementById('LinkList10'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML5', 'custom_script', document.getElementById('HTML5'), {}, 'displayModeFull'));
</script>
</body>