Hoax About ATMs Being Shut for a Few Days Due to Pakistan’s Cyber Attack Viral

A text message which claims that all Automatic Teller Machines (ATMs) across India will be shut for two to three days due to a cybersecurity threat has gone viral on social media.

What does the message say?: The viral message states that ATMs will "probably" remain shut due to "ransomeware cyber-attack within Pakistan (sic)," advising people against conducting online transactions.

Another claim going viral along with this one tells people not to download a video called "Dance of the Hillary," which, if opened, "formats your mobile."

• This claim goes on to state that the announcement was made "today" on BBC radio and that 74 countries will be affected.

• Additionally, it says that any email with an attachment mentioning "tasksche.exe" should also not be opened.

• Along with other users, Uttarakhand's Chamoli Police and news organisation DNA also shared similar claims on their X accounts.

• We also received a query to verify this viral claim on our WhatsApp tipline.

But...?: The Press Information Bureau (PIB), along with several Indian banks, have dismissed the claim about ATMs being shut.

• Moreover, the claim about 'Dance of the Hillary' is an old hoax which has been circulating since 2016 and the warning about 'tasksche.exe' is related to the global 2017 Wannacry ransomware attack, and has no connection to the ongoing conflict between India and Pakistan.

How did we find out the truth?: We ran a keyword search to look for recent and credible news reports about ATMs shutting down amid the ongoing India-Pakistan conflict, but did not find any.

• However, we came across a post shared by PIB, which dismissed this viral claim, calling it "fake" and urging people not to share unverified messages.

Several Indian banks, such as the State Bank of India (SBI), Bank of Baroda, Indian Bank, and Punjab National Bank shared posts saying that their ATMs would remain functional.

(Swipe to view posts.)

What about the virus?: Since PIB and the banks only addressed the first half of the viral message, we dug deeper to find more details about the video and attachment mentioned in the claim.

• We saw that similar claims about the 'Dance of the Hillary' video dated back to December 2016 and are not recent posts which are specifically related to the Indo-Pak conflict.

• We were also unable to find any credible sources that shared any information about any such virus.

• The search also led us to a 2017 post by researcher Brian J Cox, who had also dismissed this claim as a hoax on his LinkedIn profile.

• Additionally, fact-checking website Snopes, too, had debunked this hoax back in 2015, which establishes that neither is the rumour recent, nor is it true.

The email attachment named 'tasksche.exe' is also old and is related to a 2017 ransomware attack named 'Wannacry'.

• The Quint had extensively covered the attack in its 2017 report, stating that it had spread through "email attachments and dubious links," affecting over three lakh Windows computers and networks around the globe.

• The most prominent system to be targeted was the UK's National Health Service (NHS) network of healthcare services, affecting about 200 of their networks, The Quint reported.

• In India, multiple ATMs had been shut down as a preventative measure against the attack.

In a nutshell, the claim is misleading and a hoax because:

• ATMs will remain functional.

• The claim about a virus called 'Dance of the Hillary' is a hoax that has been circulating since 2016.

• The file named 'tasksche.exe' is related to a 2017 ransomware attack and has no connection to the ongoing conflict.

(Not convinced of a post or information you came across online and want it verified? Send us the details on WhatsApp at 9540511818 , or e-mail it to us at webqoof@thequint.com and we'll fact-check it for you. You can also read all our fact-checked stories here.)