Alleged Ponzi Mastermind Hacked In Antigua

← Back to Stories (view on slashdot.org)

Alleged Ponzi Mastermind Hacked In Antigua

Posted by kdawson on Wednesday January 6, 2010 @01:11AM from the honor-among-thieves dept.

krebsonsecurity writes "Criminal hackers apparently involved in break-ins at several US financial institutions also appear to have dug up dirt on Robert Allen Stanford, a man slated to go on trial this month for his alleged part in an $8 billion Ponzi scheme. Quoting: 'In early 2008, while federal investigators were busy investigating disgraced financier Robert Allen Stanford for his part in an alleged $8 billion fraudulent investment scheme, Eastern European hackers were quietly hoovering up tens of thousands customer financial records from the Bank of Antigua, an institution formerly owned by the Stanford Group.'"

51 comments

Min score:

Reason:

Sort:

MMmmmm! by Anonymous Coward · 2010-01-06 01:12 · Score: -1, Offtopic

Frosteeeeeee!
Manbearpig! by Anonymous Coward · 2010-01-06 01:16 · Score: -1, Offtopic

http://www.compeaus.com/frozen.html
huh? by dropadrop · 2010-01-06 01:21 · Score: 1

How was the Ponzi mastermind hacked? Unless I misunderstood something the bank was hacked. Also I find the fact that the bank was owned by Robert Stanford to be the least interesting part of this story, yet it seems to be the main part of the summary.
1. Re:huh? by Anonymous Coward · 2010-01-06 01:24 · Score: 1, Funny
  
  No problem. Don't read the article; it may actually answer your questions. We wouldn't want that.
2. Re:huh? by symes · 2010-01-06 01:26 · Score: 1
  
  Indeed - isn't the institution is now run by the East Carribean Banking Group? Unless there were motivations for the hack other than the obvious...
3. Re:huh? by davidjgraph · 2010-01-06 01:27 · Score: 1
  
  No, it's clearly that the Mastermind has been attacked with an axe and that some Ukrainian guys have been doing cleaning jobs in the Caribbean, maybe a student exchange programme or something?
4. Re:huh? by Rogerborg · 2010-01-06 01:28 · Score: 1
  
  If you haven't figured it out by now "kdawson" is the Slashdot "editors'" troll account. Please don't feed them.
  
  --
  If you were blocking sigs, you wouldn't have to read this.
5. Re:huh? by Jeremy+Erwin · 2010-01-06 01:34 · Score: 1
  
  Indeed - isn't the institution is now run by the East Carribean Banking Group?
  There is no such entity, except in the fevered dreams of a 411 scammer. Perhaps you're thinking of the "Eastern Caribbean Central Bank."
6. Re:huh? by Anonymous Coward · 2010-01-06 01:40 · Score: -1, Troll
  
  LOL, bingo! I love how the subject line of the OP is phrased in such a way as to imply that some shadow group had exacted revenge on an evil Ponzi scheme mastermind.
  Speaking of Ponzi schemes, have you guys heard about the biggest Ponzi scheme of all time? http://www.ssa.gov/
7. Re:huh? by Talderas · 2010-01-06 01:51 · Score: 1
  
  Ah, I see.
  Vikings are responsible for this attack instead of pirates.
  
  --
  "Lack of speed can be overcome. In the worst case by patience." --Znork
8. Re:huh? by dropadrop · 2010-01-06 02:15 · Score: 1
  
  No problem, don't read my comment; you might understand it's wondering why the summary is talking about the least interesting part of the article.
9. Re:huh? by Inda · 2010-01-06 02:22 · Score: 1
  
  They gone to one hell of a lot of effort creating an online presence for him. All that effort, all those websites, that CV...
  
  --
  This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
10. Re:huh? by cayenne8 · 2010-01-06 02:33 · Score: 2, Funny
  
  Hmm. Well, with me, anytime I read a headline with 'Ponzi Scheme', I naturally think of the US Social Security system.
  My first thoughts were "We've offshored out SS to Antigua!?!??".
  
  --
  Light travels faster than sound. This is why some people appear bright until you hear them speak.........
11. Re:huh? by mforbes · 2010-01-06 04:45 · Score: 1
  
  While I've enjoyed many of your past posts, and I realize this one was supposed to have been funny, I find your signature somewhat ironic today.
  
  --
  Allegedly real newspaper headline from 1998:
  Man Struck by Lightning Faces Battery Charge
12. Re:huh? by Runaway1956 · 2010-01-06 05:01 · Score: 1
  
  "How was the Ponzi mastermind hacked?"
  When I read the title, I pictured a machete attack. Really. Those South Americans do that kind of thing. Just go south of the border, and let it be known that you're a Satanist, and you need some children for sacrifices. The next child to disappear will cue the townsfolk beating your door down, armed with torches and machetes.
  Alright, so maybe I'm not really geeky or techie enough to be posting here. Or, maybe my background interferes with my reading of "hacked".
  But, you gotta admit - someone who bilks thousands to millions of people out of hard earned money in a ponzi scheme deserves a nice machete party. ;^)
  
  --
  "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
mo3 do3n by Anonymous Coward · 2010-01-06 01:30 · Score: -1, Offtopic

needs OS. Now BSDI the developer you to join the hobby. It was all to deliver wh4t, around return it Join GNAA (GAY Darren Reed, which parties). At THE paper towels, lagged behind,
The headline is dodgy by carlhaagen · 2010-01-06 01:30 · Score: 3, Informative

Was it an alleged Ponzi mastermind in Antigua that was hacked, or was he hacked (while) in Antigua? Come on... We went through this stuff already in 1st grade with Mrs. Applecheeks.
Congress by Anonymous Coward · 2010-01-06 01:31 · Score: -1, Offtopic

have dug up dirt on Robert Allen Stanford [CC], a man slated to go on trial this month for his alleged part in an $8 billion Ponzi scheme.
Why can't we bring up criminal charges against Congress for their Ponzi schemes? This guy is a small-timer compared to them. Social Security: $14 trillion, Medicare Presscription drugs $18.6 trillion, Medicare $74 trillion.
Source USDebtClock.org.
1. Re:Congress by Zantac69 · 2010-01-06 02:35 · Score: 2, Insightful
  
  Oh come on...SSA and medicare is not a Ponzi. Instead of the govt lining the pockets with cash defrauded from the tax payers...they are just pissing it away on a good cause. Thats hardly a crime, right?
  
  *twitch twitch twitch*
  
  --
  1331461 is only semiprime *sigh* Alas - I am just short of 1337.
2. Re:Congress by wprowe · 2010-01-06 02:43 · Score: 2, Insightful
  
  Are you a US citizen? Are your parents old enough to draw social security, and use the medicare benefits? Do they use them? Have you looked at the cost of your parent's prescriptions? Could they afford them without Medicare and Social Security? I'm generally a fiscal conservative and opposed to raising taxes, more government, etc. I didn't vote for Obama. There are some programs that make sense, and these definitely help out people who need them. My mother-in-law would not have had the care she needed for multiple sclerosis had it not been for Medicare and Medicaid. She suffered from multiple sclerosis for 20 years. and was disabled and could not work for nearly a decade of her 20-year struggle with the disease prior to her death from complications related to MS.
  By the way, your figures appear to be incorrect. Remember that social security and medicare are "pay as you go" programs where what is paid in by employers and employees gets paid out to current recipients. It isn't a savings account for you to bank on later. According the Obama's budget summary, social security will run $696B (not $14T), medicare will run $452B (not $76T + $18.6T). That website you quote doesn't even provide a reference to their sources of information. I looked at the President's actual budget. Don't believe everything you read on websites that try to convince you they have "the facts". Always look at where their "facts" are sourced. My numbers are from the White House web page on the President's budget at http://www.whitehouse.gov/omb/budget/Summary_Tables/.
  There are plenty of places where Congress should chop. Take a look at the pork barrel projects in your own state that your own Senators and Representatives toss in to get funding. Take a look at the numerous failed social programs. Take a look at the Federal procurement guidelines and how much it cost us to make an actual procurement. There are so many ways that the Federal procurement process alone could be simplified that would eliminate an enormous amount of wasted spending. For example, a private sector company can by $100,000 in IT assets and have it delivered in a week or two. It takes six months in the Federal government, and reams of paper. The larger the price tag, the more paperwork and time required to make the acquisition. I've worked in both arenas and speak from first hand experience.
  Also take a look at the money the US hands out all over the world, as well as the programs inside the US. There are great causes we should support. There are countries who need help. Unfortunately, there are also plenty of beneficiaries who should not be getting a dime but they have friends in high places.
  The Federal income tax revenue, and income from foreign loan interest and import tariffs, is tens of trillions of dollars annually. It isn't that we don't have enough money to fund the things we need. It is that we fund too many things we don't need. That being said, social security, medicare and medicaid are not in the list of programs "we don't need". If your parents are recipients of any of these programs, ask them how they would be impacted without them.
3. Re:Congress by Archangel+Michael · 2010-01-06 04:58 · Score: 1
  
  LOL Funny.
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
4. Re:Congress by Entrope · 2010-01-06 05:16 · Score: 1
  
  Ponzi schemes are all "pay as you go" programs. They collapse because they eventually run out of new people and new input.
  Also, the AC's numbers are based on long-term (I would guess 50- or 75-year) horizons, not a single year -- budget summaries look at single years. Social Security is fine this year because more money is coming in than going out. Within a decade, it will be the other way, and that's when things get hard: the government has been tapping into the Social Security trust fund for decades, and now it will have to pay that fund back.
5. Re:Congress by Entrope · 2010-01-06 05:21 · Score: 1
  
  Also, I overlooked your last paragraph. According to Timothy Geithner and the OMB, the US Federal government had Fiscal Year 2009 receipts of $2.105 trillion and outlays of $3.522 trillion. That's a long way from tens of trillions of dollars -- the entire annual US Gross Domestic Product is only about $14 trillion.
6. Re:Congress by yacc143 · 2010-01-06 05:27 · Score: 1
  
  Ok, social security systems for pensions work like this:
  -) they take the money of new members to pay their obligations to older members.
  Hmmm, sounds familiar right?
  So what would happen if you tried to do such a thing, without a law legalizing your operation?
  And before anyone points out that this is much better than anything bound to stocks, consider that it's fragile too:
  -) bad economy means less "new members" contributing to the system as there are less employees, and they get potentially a lower pay, hence the contribution to the social security system shrinks.
  -) but beyond being dependant on economy, which any pension fund is dependant too, it's also vunerable on a larger time frame base to changes in population. E.g. if you've got some years with less kids, some decades later on, you'll be missing income in the social security system.
7. Re:Congress by Anonymous Coward · 2010-01-06 06:58 · Score: 0
  
  Could they afford them without Medicare and Social Security?
  
  Tell you what. You cut my medicare and FICA taxes to zero, and I'll happily send my folks a check for $9000 ($14000 if you include my employer's half of FICA) every Christmas.
  Oh, wait. I can't afford to send my folks that money, not just because it's already been stolen, but because it's already been spent - and not on taking care of everyone else's parents, but because the Social Security "trust fund" was raided to pay for all the porkbarrel spending against which you quite rightly decry.
8. Re:Congress by Anonymous Coward · 2010-01-06 08:45 · Score: 0
  
  And that $9000 will cover about 1.5 days in a hospital should they ever get sick.
  My Dad worked over 30 years in a steel mill. He's been retired for about 15 years and they no longer cover him or my Mom for insurance, so they're totally dependent on medicare. I won't be surprised if he loses his pension at some point either.
  Sure the govt. is inefficient. It's also the largest employer in the US and has a lot of "divisions" with a CEO replacement every 4-8 years and micromanagers with "department" agendas shuffling in and out on a 2 or 6 year cycle. You put these kinds of demands on any public or private company at the same scale and see if it will do any better...
9. Re:Congress by Phoghat · 2010-01-06 23:57 · Score: 1
  
  "Are you a US citizen? Are your parents old enough to draw social security, and use the medicare benefits? Do they use them? Have you looked at the cost of your parent's prescriptions?" I'm drawing SSDI payments because of adisability which makes me unable to work. I could not afford to pay for my prescriptions and health care without medicaire and medicaid (which I receive after meeting a large spend down each month) I'm not living in luxury, sucking at the nation's teat, but I can get by with a little help from my friends.
  
  --
  Think of how stupid the average person is, and realize half of them are stupider than that.
10. Re:Congress by Anonymous Coward · 2010-01-07 01:55 · Score: 0
  
  I'm drawing SSDI payments because of adisability which makes me unable to work.
  Yet you're able to post to /. ...
Very strange article. by Noryungi · 2010-01-06 01:33 · Score: 4, Interesting

Am I the only one who finds the entire article strange?
Here is what it says about the hack itself:

Once inside of Stanford’s network, the unidentified hackers appear to have swiped the credentials from an internal network administrator, and soon had downloaded the user names and password hashes for more than 1,000 employees of Stanford Financial, Stanford Group, Stanford Trust, and Stanford International Bank Ltd.
Among the purloined files is a listing of what appear to be ownership and balance information for tens of thousands of customer accounts at Bank of Antigua. Each listing includes the account number, owner’s name, address, balance, and accrued interest.
So far, so good.
But here is where it becomes really strange:

It’s also unclear whether the hackers managed to steal any funds from the accounts listed in the recovered documents, or indeed whether the attackers ever had direct access to Bank of Antigua accounts. Still, a set of documents found with the account information suggest the perpetrators did a fairly thorough job mapping the internal networks connecting Stanford offices in Austin, Baton Rouge, Boca Raton, Boston, Denver, Ft. Lauderdale, Houston, Memphis, Miami, Montreal, New York, San Francisco, Sugarland, and Washington, D.C.
What ??!!?? Or, even more clearly: WTF??
Are you trying to tell me that people sophisticated enough to get the credentials of a system administrators, info on hundreds of accounts, including passwords and so on and so forth have not transferred anything?
It's like, I have total access to hundreds of accounts, after cracking open your system security, but I did not take anything?
This thing stinks to high heaven. Either the Ponzi scheme had no money left in it, or I am willing to bet the hackers, whoever they are, have quietly siphoned a lot of money overseas.

--
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
1. Re:Very strange article. by Mashiki · 2010-01-06 01:45 · Score: 0, Offtopic
  
  I don't know...I usually fail to RTFA, and just leave the comments to give me a synopsis.
  
  --
  Om, nomnomnom...
2. Re:Very strange article. by Jah-Wren+Ryel · 2010-01-06 02:21 · Score: 3, Interesting
  
  It's like, I have total access to hundreds of accounts, after cracking open your system security, but I did not take anything?
  Maybe they had an air-gap firewall, or at least a data diode.
  If I were running that sort of network, that's what I would use to partition off the real money from the record keeping.
  
  --
  When information is power, privacy is freedom.
3. Re:Very strange article. by mcgrew · 2010-01-06 02:21 · Score: 2, Interesting
  
  Maybe there weren't any hackers. Maybe it was Stanford himslef trying to make an alibi to stay out of prison. "No, it wasn't a Ponzi scheme, we were hacked!"
  
  --
  Free Martian Whores!
4. Re:Very strange article. by elrous0 · 2010-01-06 02:23 · Score: 1
  
  Smart criminals don't rob a place the second they get the key. They plan out how best to use it, the best time to use it, what the most profitable/least noticeable target is, etc. first. These guys just weren't quite smart *enough*.
  
  --
  SJW: Someone who has run out of real oppression, and has to fake it.
5. Re:Very strange article. by zig007 · 2010-01-06 02:55 · Score: 0
  
  If I were running that sort of network, that's what I would use to partition off the real money from the record keeping.
  Except that in the majority of these systems, the records ARE the real money.
  The banking system(and the economy in general) works through a complex debt management system.
  There is not much actual money or assets there, or at least not more than needed to comply with local legislation.
  
  --
  Baboons are cute.
6. Re:Very strange article. by Anonymous Coward · 2010-01-06 03:02 · Score: 2, Funny
  
  This thing stinks to high heaven. Either the Ponzi scheme had no money left in it, or I am willing to bet the hackers, whoever they are, have quietly siphoned a lot of money overseas.
  Parhaps it was the infamous Eastern European hacker Robertski Allenovitch Stanfordski
7. Re:Very strange article. by Jah-Wren+Ryel · 2010-01-06 03:19 · Score: 3, Informative
  
  Except that in the majority of these systems, the records ARE the real money.
  Ok, let me be more precise - I would partition off the systems connected to the electronic funds transfer network from the rest of the systems. Requests for transfers would come across the data-diode and then require a manual confirmation in order to execute.
  
  --
  When information is power, privacy is freedom.
8. Re:Very strange article. by kriston · 2010-01-06 03:37 · Score: 1
  
  Reading through the documents at http://www.stanfordfinancialreceivership.com/ the Stanford Financial Group was apparently designed to obfuscate information so that investigators couldn't make heads or tails of it. This is why all the computer equipment in all 30 offices were shipped to a single warehouse in Texas so that investigators could try to piece it back together.
  Secondly, the revelation of this information by the hackers indicates it did not have useful value except perhaps by someone who didn't want the money (if it even existed), like the investigators.
  Third, even if the scheme had actual money in it to transfer, there was no such system to do that.
  
  --
  Kriston
9. Re:Very strange article. by kriston · 2010-01-06 03:40 · Score: 1
  
  Just to quickly follow up: password hashes aren't passwords. They didn't get the users' passwords--just the means by which they might hack them with a password cracker, but again, there is likely nothing worthwhile to "transfer" even if they could do that.
  
  --
  Kriston
10. Re:Very strange article. by Hoi+Polloi · 2010-01-06 04:01 · Score: 1
  
  When schemes like this are based on obfuscation I have to wonder if the people running them know what exactly is going on in their own system. How do they keep track of it? How do they get money out of it? It is like setting up too many fake names and passwords, eventually you forget one yourself.
  
  --
  It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
11. Re:Very strange article. by Gilmoure · 2010-01-06 04:12 · Score: 1
  
  Sure, money has disappeared from the bank run by a ponzi guy and 'hackers' did it. Makes sense.
  
  --
  I drank what? -- Socrates
12. Re:Very strange article. by jafac · 2010-01-06 06:40 · Score: 1
  
  Or "Sir" Allen "Stanford" is trying to convince prosecutors that he didn't REALLY run a huge ponzi scheme, and it was all these evul ruzzkie haX0rz who broke into his system, stole his money, and set up his records to make him look like a fraud.
  This guy is the accountant for the Texas Mafia.
  You know.
  The criminal organization that just got through pulling off the biggest crime in human history by planting a patsy in office as US President for the past 8 years, giving them access to the US Treasury, warrantless wiretapping, (ie. limitless blackmail material), and the largest and most powerful military on the planet.
  The extent of their crimes will never really be known outside of circles of the most extremely paranoid (and thus most well-informed) conspiracy theorists. The reason they act like amateurs, is because it amuses them when they do so, and still get away with their crimes.
  (You think Ken Lay really had a heart attack and died before he went to trial?)
  
  --
  
  These are my friends, See how they glisten. See this one shine, how he smiles in the light.
13. Re:Very strange article. by hesaigo999ca · 2010-01-06 07:45 · Score: 1
  
  More like the banks did not want to admit anything had been taken, so did not disclose that part, so no harm done right.....until the next bailout is needed!!!
14. Re:Very strange article. by Runaway1956 · 2010-01-06 11:00 · Score: 1
  
  I guess it's possible. I can and have gotten inside of networks. But - I know squat about the banking industry. If I had every detail about your banking, and there were billions at my fingertips, I don't know how to move it around. I mean - should I go see my banker, and explain that I've hacked your system, and that I want him to transfer 8 billion dollars into liquid assets, all in my name? Uh-huh. I've an idea that when the banker has all the necessary details, I will become an unnecessary liability, and be disappeared.
  I don't guess that even with the money right in front of me, I could learn overnight how to move it around untraceably.
  How about you? Can you maybe break into a system, with a little luck? What would YOU do with billions of dollars? Remember - the clock is ticking. The longer you take to decide, the more certain you are to be discovered.
  
  --
  "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
15. Re:Very strange article. by kriston · 2010-01-07 03:22 · Score: 1
  
  That's right. The only place the knowledge exists is inside "Sir" Allen Stanford's brain.
  Discovery is going to be an awesome story to read.
  
  --
  Kriston
Chain of Custody by Jeremy+Erwin · 2010-01-06 01:37 · Score: 1

Sounds like an illegal search and falsification of evidence.
Get out of jail free card? by new+death+barbie · 2010-01-06 02:03 · Score: 1

"Sorry, your honor, but it was those darned hackers! They broke into the bank's computers, took the money, and left a trail of evidence pointing to me! I been framed!"

--

It's supposed to be completely automatic, but actually you have to press this button.
OT: your sig by Tim+C · 2010-01-06 02:09 · Score: 0, Offtopic

Quanta is already plural (it's the plural of quantum), so "quantas" is not a word.
But I suspect you know that and have simply typoed it...

--
It's official. Most of you are morons.
Lost Money Anyone by b4upoo · 2010-01-06 02:10 · Score: 2

It sounds to me like a bunch of US tax avoiders may well have lost their financial behinds in that bank. Justice!
Kadima? by Jeremy+Erwin · 2010-01-06 02:40 · Score: 1

So, is Kadima a lowly Panamanian import/export firm? Or is it a front?
WARNING: OT by Anonymous Coward · 2010-01-06 03:58 · Score: 0

Thank you for taking the time to write that.
Maybe it was a real hacker by witherstaff · 2010-01-06 06:19 · Score: 1

You know the type of person that hacks for the challenge and not for a profit motivator. Back in the 90s I had a talk request from in network, so I knew something odd was up. College kid saw an interesting domain name I hosted, broke in through a pop3 weakness and grabbed a telnet password. He talked to me to let me know what he did. This let to closing telnet to co-hosted machines and also giving him the email address he asked for. I had no real problem with this as no damage was done. It also showed a weakness in the network that was able to be closed.