Does your Security supervisor play cards?
Target: $423 million USD at Toshiba International, Nomura
Asset Management, Mitsui OSK Lines and Sumitomo
They were going to transfer funds to accounts in Spain,
Dubai, Hong Kong and Singapore.
Returning to work after the weekend break, Sumitomo
staff noticed that PCs had been tampered with.
"We quickly established something untoward had
happened when we checked the CCTV footage and
discovered tampering," Kirby told El Reg. "The
sensitivity had been altered, turned down, so that the
cameras didn't record what was happening on the
Security supervisor Kevin O'Donoghue, 34, became
a key suspect once it was realised that computers were
tampered with over the weekend.
He had a couple of friends in a few times.
When challenged by other workers, O'Donoghue claimed
the pair were there only for a card game.
Later, he claimed he was coerced into driving the two
hacking suspects to the bank and letting them in.
They were identified only as Laptop and Ponytail.
The compromised PCs were formatted in a failed,
rather crude attempt to destroy evidence.
How did these Uber Super Hackers get
access to the secret passwords that
even O'Donoghue, the security supervisor,
didn't know? The audacious Mission Impossible-style
attempt got access but failed. Where is Tom Cruise when
you need him?
It was established the hackers obtained
total access to all the passwords they
needed to pull off the theft of the century.
Why did they fail?
The details of the crime have been released.
They used commercial keystroke-logging software,
not spyware or specialist hardware, to capture the usernames
and passwords needed to make Swift bank transfers.
"It was a standard key-logger available on the net from a reputable firm of the type parents use to keep an eye on their children," Kirby said. "The use of legitimate technology meant the software was not picked up by anti-virus scanners. And there was no traffic going into or out of the network so it couldn't be detected that way." The software used in the scam, iOpus Starr, is normally used for remote surveillance of networked PCs.
The crooks obtained two sets of Swift login credentials, one
for an ordinary user and one for a supervisor account,
needed to authorise transactions, from two machines.
They had also tested the software on another machine.
The compromised PCs were then formatted in a failed
attempt to destroy evidence.
These stolen login credentials were used in an unsuccessful
attempt to transfer money to ten overseas accounts under
the control of the master criminals a month later.
So why did the cyber robbery FAIL?
Errors in completing one of the fields in the Swift system
used to make transfers.
(As a broker, the biggest wire
transfer I ever did for a client was 3 million dollars; this was
$423 million. G)
If they had filled out the cyber forms correctly then they
would have stolen $423 million USD.
They were not uber hackers at all.
Off the shelf software and inside access.
But they were too stupid to understand
how to fill out the forms.
SEX, yes there is some sex in the story.
Soho sex shop owner David Nash, 47, of
Durrington, West Sussex, as suspects in
setting up an international network of bank
accounts used in the scam.
Hmm sex shop, international network of bank
accounts??? Something going on there too.
And, Frenchman Gilles Poelvoorde, 35. Poelvoorde
(Ponytail) was arrested with a USB stick that had the
same digital fingerprint as the key-logging program
used in the Sumitomo scam, along with instructions
on how to carry out the same hack on another bank
outside the UK.
That's kind of like keeping the guns you used to
shoot someone; these guys were not smart.
It's going to happen, it's just a question of when.
Does your IT security play cards?