Internet Anthropologist Think Tank: Does your Security supervisor play cards?


    Saturday, May 16, 2009

    Does your Security supervisor play cards?

    Target $423 million Toshiba International, Nomura 
    Asset Management, Mitsui OSK Lines and Sumitomo 

    They were going to transfer funds to accounts in Spain,
    Dubai, Hong Kong and Singapore.

    Returning to work after the weekend break, Sumitomo 
    staff noticed that PCs had been tampered with.

    "We quickly established something untoward had 
    happened when we checked the CCTV footage and 
    discovered tampering," Kirby told El Reg. "The 
    sensitivity had been altered, turned down, so that the 
    cameras didn't record what was happening on the 
    trading floor."

    Security supervisor Kevin O'Donoghue, 34, became 
    a key suspect once it was realised that computers were 
    tampered with over the weekend.

    He had a couple of friends in a few times.
    When challenged by other workers, O'Donoghue claimed 
    the pair were there only for a card game.

    Later, he claimed he was coerced into driving the two 
    hacking suspects to the bank and letting them in.

    The two were identified only as Laptop and Ponytail.

    The compromised PCs were formatted in a failed, 
    rather crude attempt to destroy evidence.

    How did these Uber Super Hackers get
    access to the secret passwords that
    even O'Donoghue, the security supervisor,
    didn't know? The audacious Mission Impossible-style
    attempt got access but failed. Where is Tom Cruise when
    you need him?

    It was established the hackers obtained
    total access to all the passwords they 
    needed to pull the theft of the century.

    Why did they fail?

    The details of the crime have been released.

    They used commercial keystroke-logging software,
    not spyware or specialist hardware, to capture the usernames
    and passwords needed to make Swift bank transfers.

    "It was a standard key-logger available on the net from a reputable firm of the type parents use to keep an eye on their children," Kirby said. "The use of legitimate technology meant the software was not picked up by anti-virus scanners. And there was no traffic going into or out of the network so it couldn't be detected that way." The software used in the scam, iOpus Starr, is normally used for remote surveillance of networked PCs.

    The crooks obtained two sets of Swift login credentials, one 
    for an ordinary user and one for a supervisor account, 
    needed to authorise transactions, from two machines. 
    They had also tested the software on another machine. 
    The compromised PCs were then formatted in a failed
    attempt to destroy evidence.
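The key-logger was legitimate commercial software, so signature scanning had nothing to flag; a software-inventory check against an approved baseline, weighted by install time, would have. The sketch below is an added example, not part of the original post: the approved list, the business hours, the host names and every inventory record are constructed assumptions, with only the product name taken from the story.

```python
from collections import defaultdict
from datetime import datetime

# Assumed baseline of approved (publisher, product) pairs; names are hypothetical.
APPROVED = {("Example Office Co", "Office Suite"),
            ("Example Payments Co", "Transfer Client")}
WORK_DAYS = range(0, 5)    # Monday..Friday (assumed change window)
WORK_HOURS = range(7, 19)  # 07:00-18:59 local time (assumed)

# Constructed inventory export; only the product name "Starr" comes from the story.
INVENTORY = [
    {"host": "TRADE-01", "publisher": "Example Office Co", "product": "Office Suite", "installed": "2024-05-29T10:15:00"},
    {"host": "TRADE-01", "publisher": "iOpus", "product": "Starr", "installed": "2024-06-01T22:40:00"},
    {"host": "TRADE-02", "publisher": "iOpus", "product": "Starr", "installed": "2024-06-01T23:05:00"},
    {"host": "TRADE-03", "publisher": "Example Payments Co", "product": "Transfer Client", "installed": "2024-06-02T09:00:00"},
    {"host": "BACK-07", "publisher": "Example Tools Co", "product": "PDF Viewer", "installed": "2024-06-03T11:30:00"},
]

def off_hours(ts):
    """True when an install happened at a weekend or outside working hours."""
    return ts.weekday() not in WORK_DAYS or ts.hour not in WORK_HOURS

def audit(records):
    """Flag installs that are unapproved, out of hours, or both."""
    findings = []
    for rec in records:
        approved = (rec["publisher"], rec["product"]) in APPROVED
        late = off_hours(datetime.fromisoformat(rec["installed"]))
        if not approved and late:
            severity = "high"    # unknown software installed while nobody was watching
        elif not approved:
            severity = "medium"  # unknown software, normal hours
        elif late:
            severity = "low"     # approved software, but outside the change window
        else:
            continue
        findings.append({"host": rec["host"], "product": rec["product"], "severity": severity})
    order = {"high": 0, "medium": 1, "low": 2}
    return sorted(findings, key=lambda f: (order[f["severity"]], f["host"]))

def spread(records):
    """Unapproved products seen on more than one host, mapped to those hosts."""
    hosts = defaultdict(set)
    for rec in records:
        if (rec["publisher"], rec["product"]) not in APPROVED:
            hosts[rec["product"]].add(rec["host"])
    return {p: sorted(h) for p, h in hosts.items() if len(h) > 1}

if __name__ == "__main__":
    for finding in audit(INVENTORY):
        print(finding)
    print(spread(INVENTORY))
```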

    These stolen login credentials were used in an unsuccessful 
    attempt to transfer money to ten overseas accounts under 
    the control of the master criminals a month later.

    So why did the cyber robbery FAIL?

    Errors in completing one of the fields in the Swift system 
    used to make transfers. 
    (As a broker, the biggest wire
    transfer I ever did for a client was 3 million dollars; this was
    $423 million. G)

    If they had filled out the cyber forms correctly then they
    would have stolen $423 million USD.

    Read the rest of the story here: SOURCE:


    They were not uber hackers at all.
    Off the shelf software and inside access.
    But they were too stupid to understand 
    how to fill out the forms.

    SEX, yes there is some sex in the story.
    Soho sex shop owner David Nash, 47, of 
    Durrington, West Sussex, as suspects in 
    setting up an international network of bank 
    accounts used in the scam.
    Hmm sex shop, international network of bank 
    accounts??? Something going on there too.

    And, Frenchman Gilles Poelvoorde, 35. Poelvoorde 
    (Ponytail) was arrested with a USB stick that had the 
    same digital fingerprint as the key-logging program 
    used in the Sumitomo scam, along with instructions 
    on how to carry out the same hack on another bank 
    outside the UK.

    That's kind of like keeping the guns you used to
    shoot someone; these guys were not smart.

    It's going to happen; it's just a question of when,
    not if.

    Does your IT security play cards?




