The Kerala Police have taken two people into custody in connection with an ATM fraud that allegedly preyed into the “compromised cybersecurity system” of the Kerala Bank.

Three days after the recently-formed scheduled State Cooperative Bank alerted the police of an ATM loot of at least ₹2.4 lakh, the Cyber Crime police nabbed two Kasaragod natives from Tamil Nadu on Thursday. While another accused is on the run, the police remained on the lookout for the involvement of more hands in the case. The extent of the theft could also increase, sources said.

Sleuths involved in the probe said the bank raised alert after finding large sums of cash missing from its ATMs in various districts including Thiruvananthapuram, Kottayam and Kasaragod on Monday. In Thiruvananthapuram, the fraud is suspected to have taken place from two ATMs in the East Fort and in Nedumangad.

The gang is suspected to have exploited the failure of the Kerala Bank to evolve a common software for its banking network. Despite amalgamating the district cooperative banks in the State around two years ago, the bank continued to run on separate software in each district. This anomaly could have been factored in by the gang while hatching the conspiracy.

A senior police officer said ATMs usually relied on a switch application server to communicate with the core banking system in order to validate the user’s bank account details for a requested transaction.

In India, the National Payments Corporation of India (NPCI) facilitated the core banking operations of financial institutions while its National Financial Switch (NFS) linked ATM networks across the country. Normally, the ATM software accepted or declined transactions after receiving information from the NPCI via. the switch application server. The NPCI, which served to ensure the user possessed the required amount in his bank account, also oversaw the transfer of the withdrawn money from the user’s account to the bank that managed the ATM.

However, in the Kerala Bank case, the fraudsters are believed to have used an ATM card issued by a bank account based in Uttar Pradesh to fool the Kerala Bank ATMs to spit out large amounts without notifying their home bank. Investigators suspected them to have been managed this by hacking the Kerala Bank’s software and intercepting the transaction request before it reached the NPCI system.