Hacker cleans out bank accounts

Spinner

One of South Africa's largest banks has been recently targeted by a hacker, who has managed to pinch hundreds of thousands of rands by breaching their customers accounts over the Internet.

It is alleged that the hacker was able to use spyware to gain access to the PC's of the banks un-suspecting customers, which resulted in the perpertrator being able to have access to their Internet banking information.

A lesson to us all I think. You should constantly check that your computer isn't home to any spyware and other applications which could be potentialy used to compromise your systems security.

"It is a new trend called spyware. This has got nothing to do with the bank. It records keystrokes, like your account and PIN number, and then it e-mails the information to a Hotmail mailbox,"

The full story:
http://www.sundaytimes.co.za/2003/07/20/news/news01.asp

DanG

That's similar to some kid that used to work at kinkos and installed a keystroke logger and pinched hundreds of bank acct #'s and pin's. He got busted by the fbi.

GHoosdum

Haha... I thought it said "hooker cleans out bank accounts"

Dexter

The problem with that crime is that he sent the info to a Hotmail account. If M$ decides to cooperate with the police, soon they will have the IP addresses that account has been accessed from. If he made internet transactions, they can track the account he transferred to. I suspect that he will get caught.



Dexter...

EMT

Yeah, how could he not get caught? He had to put the money somewhere...

Dexter

We had a couple guys caught here in the Vancouver area recently, having used forged bank cards and stolen PINS to withdraw money from ATM's.

Instead of the old "double-swipe" method (hard to do now because so many stores have installed "swipe-them-yourself" style readers for security) these guys installed a small video camera in the roof of the gas station they worked at (probably an X10 they bought off a Pop-Up Ad ) and used it to videotape people's PIN numbers as they punched them into the pad, which they had "conveniently" taped down to the counter.

To get the on-card data they split the phone line from the terminal, and recorded the data tones (not sure if they did that digitally or with an analog recorder.) Eventually, they put the stolen data tones into a computer, figured out their numeric equivalents, then burned that info onto blank magnetic cards. So, now they had a bogus card, and the person's PIN number form the video. Pretty good technical skill here. They waited until they had amassed a number of cards, then hit some bank machines, and withdrew as much as they could get from the accounts.

Seemed like a "smart crime" by some "smart thieves", right? Ya, except for the part where the police looked at the transaction records of all the complainants, saw thay they had all been to one gas station very recently. It was simple from there to determine who worked at the gas station, match their prints to the prints taken from the equipment, seize the electronics in their homes, and confiscate their suddenly bulging bank accounts. Losers. Wanna bet the cops even have their faces on camera from the ATM's they made the withdrawls on??

My point is - the problem with tech crime is not leaving a record, which, in this age of having all electronic transactions recorded, is difficult to do.

Dexter...

maxanon

My opinion is that if you're gonna steal, steal big. Then run far away and never come back.

Most people do something bad and in the quiet after the rush they think that they won't get caught. Until they hear the crunch of gravel and a police battering ram opening their front door.