Slashdot Mirror
Malaysian Indicted After Hacking Federal Reserve
wiredmikey sends along a security story that looks like it could be one to watch. Lin Mun Poo was arrested shortly after arriving at New York's John F. Kennedy International Airport in late October, traveling to the US on business. The 32-year-old resident of Malaysia was observed by an undercover Secret Service agent selling stolen credit card data in a diner. After arresting him and seizing his laptop (which was "heavily encrypted"), authorities discovered evidence of far more serious security breaches. According to documents from the Department of Justice, Lin Mun Poo had hacked into the Federal Reserve Bank of Cleveland and stolen over 400,000 credit and debit card numbers. Also, according to authorities, Mr. Poo managed to hack into FedComp, a data processor for federal credit unions, enabling him to access the data of various federal credit unions. He also hacked into the computer system of a Department of Defense contractor that provides systems management for military transport and other military operations, potentially compromising highly sensitive military logistics information.
is a load of Poo.
Serioulsy?
Well, for the record, there is an architect named I. M. Pei.
He stole stolen credit card numbers? They ended up being twice stolen? And why was the Federal Reserve Bank harboring stolen numbers anyway?
...Lin Min was always so much more misbehaved than his brother, Hu Flung Poo?
He who knows best knows how little he knows. - Thomas Jefferson
I'm guessing they used the standard government decryption algorithm HWBUO (Hit With Brick Until Open)?
#fuckbeta #iamslashdot #dicemustdie
Why are these things even connected to the internet if there is the danger of cracking them?
"Is that real poncho or a Sears poncho?" ~~FZ
He's a character in a potty-training book I used to read to my daughter.
Unlike the book, this Mr. Poo is going to the Grown Up potty where Mr. Bubba will enjoy Mr. Poo's company...
Trolling is a art,
"Lin Min Poo had hacked into the Federal Reserve Bank of Cleveland and stolen over 400,000 stolen credit and debit card numbers."
The native American did. And look where that got them...
Bernanke's QE2?
Hackers want to know.
Yours In Minsk,
K. Trout
I feel like it's an episode of South Park - hey there, Mr. Poo.
From TFA:
"To have the skills to break into highly sensitive systems like that is an impressive level of criminal activity," said Kurt Baumgartner, a senior security researcher for Kaspersky Lab, a computer security firm.
- yeah, I bet it takes impressive level of criminal activity consisting of some 'LOL Cat' or maybe a 'Hot Malaysian Massage' screen saver and off the shelf 'back-orifice' of some sort.
But anyway, what did this guy do that the Fed isn't doing anyway?
traveling to the US on business
- that right there is a punishable offense, well at the very least your 'junk' may have to be touched.
The 32 year-old resident of Malaysia was observed by an undercover Secret Service agent
- they are making it sound much dirtier than it was.
selling stolen credit card data in a diner
- stay classy Mr. Poo. At a diner?
Why can't you be more respectable and do it like the Fed does, they sell their junk bonds on the bond market, with bells and whistles.
After arresting him and seizing his laptop (which was "heavily encrypted")
- with ROT13
authorities discovered evidence
- as I said, with ROT13.
Lin Min Poo had hacked into the Federal Reserve Bank of Cleveland and stolen over 400,000 stolen credit and debit card numbers.
- BASTARD! How dare he steal the STOLEN credit card numbers? Fed was just going to sell them themselves at a diner.
Also, according to authorities, Mr. Poo managed to hack into FedComp, a data processor for federal credit unions, enabling him to access the data of various federal credit union.
- various 'credit union'. Yeah, that one credit union is extremely 'various' indeed.
He also hacked into computer system of a Department of Defense contractor that provides systems management for military transport and other military operations, potentially compromising highly sensitive military logistics information.
- well, in his defense, he was just going to sell that highly classified systems management information at a better restaurant, he has SOME standards.
"If a guy from Malaysia can get into networks like this, you can imagine what the Chinese and Russians, the people with real capabilities, are able to do
- OMG! Call the Pentagon, they need to check if the database of the stolen mortgage back securities papers hasn't been stolen!
In fact, the penetration of sensitive national security computers by overseas hackers — many of them believed to be state sponsored — is rapidly emerging as one of the country’s most alarming national security threats, officials said. And the threat is not just from foreign governments and for-profit hackers. Officials have also expressed worries that terrorist groups may be capable of the same sorts of sophisticated penetrations.
- clearly, more F35s are needed to stop these attacks. What was that about the Republicans voting to STOP pig, I mean pork spending?
HOW, just HOW will they STOP all that pork spending if there is clearly so much that needs to be done right now, to prevent the terrorists from winning by 'hacking' into the White House and stealing the toilet cleaning schedule?
Pentagon officials said Sunday they were unable to respond immediately to questions about whether Poo's hacking of the contractor's computers had compromised military troop movements. But spokesman Bryan Whitman said in an e-mailed statement to NBC News: "We are keenly aware that our networks are being probed everyday. That's precisely why we have a very robust and layered active defense to protect our networ
You can't handle the truth.
Mr. Poo forgot to 'Wipe' the data off hist laptop.
For what its worth, his name Lin Mun Poo, not Lin Min Poo
POO lin Mun indictment
Although I am curious to know if his name is being reported correctly. Is Poo his family name or is it Lin? Can anyone familiar with Malaysian names give an opinion?
I am Slashdot. Are you Slashdot as well?
Did anyone else notice the lovely little bit of racism at the top of the article: ... are able to do' "
"'If a guy from Malaysia can get into networks like this, you can imagine what the Chinese and Russians
With the net someone from anywhere has just as much access to all the information you'd need to learn how to do this.
there's nothing special about the chinese, the russians or the americans, hackers come from everywhere.
Seriously.
I'd suggest that he seek asylum on the island nation of Fernando Poo, but that might create an international crisis that leads us to the brink of nuclear war.
I can see the fnords!
This guy is obviously talented, he must know a lot about security related things.
So after cracking all this high profile targets, he uses his bright mind to decide on a travel to the USA... And bring his laptop... With all evidence still on it...
I'll bet he will serve a far harsher sentence than rapists and child diddlers, because this involves the almighty dollar.
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
I'll bet he will serve a far harsher sentence than rapists and child diddlers, because this involves the almighty dollar.
After someone empties your bank account, let me know how you feel.
If you want news from today, you have to come back tomorrow.
I'm afraid that I didn't notice it for all of the racism in these comments.
"'If a guy from Malaysia can get into networks like this, you can imagine what the Chinese and Russians ... are able to do' "
No racism there, except for extremely expansive gratuitously warped definitions of racism.
There are well-known large hacking rings in Russia and China. It is not difficult to imagine that many hackers working together are obviously a potentially larger threat than one hacker, assuming individuals of comparable skill and knowledge; the conclusions are obvious and have nothing to do with race.
There are some Malaysian hacking rings, but less well known to the public and the popular media.
Even if the more adept hackers happened to be in China, and it was stated, it wouldn't imply anything about race. As there are other factors involved, such as government being involved and promoting hacking, or there being stronger penalties for hackers in a country. The amount of technology available in a country, and the state of its economy and culture also effect such things.
In any event, Racism is defined as using power, for example, force, government authority, business decisions, or threat of violence/harm to promote the superiority of one race or to marginilize another.
Besides race there are a lot of differences between the culture and environment in Malaysia VS Chinese/Russian countries, ability to hide, and access to certain resources.
There is nothing in the article indicating the Malaysian race is somehow inferior, or evil, or that hackers of the Chinese/Russian race are superior, inferior, or more evil, ergo no racism.
Nope, they screwed it up. His family name is "Lin", his given name is "Mun Poo".
However, since he is Malaysian Chinese, things get weirder, Malaysian Chinese may write their name Chinese order "Lin Mun Poo", western order "Mun Poo Lin", without family name "Mun Poo", a single Arabic name e.g. "Muhammad", a single English name or an English name with a Chinese surname e.g. "David Lin". Any one of these might be what is written on this individual's birth certificate.
When Argumentum ad Hominem falls short, try Argumentum ad Matrem
I think the emphasis should be on the "some guy" aspect rather than the "Malaysia" aspect. The fact of the matter is, China and Russia aren't exactly hiding the fact that they have large populations of people who are basically dedicated to computer intrusion, espionage and intelligence gathering, many of whom receive partial or full government support, or are in fact government employees. While we have our own NSA, Russia and China seem to have lots of general citizens who are engaging in such activities for avowed nationalist purposes. I have a somewhat hard time believing that if I started hacking foreign governments and then went down the road here to share what information I may have gleaned that I'd be welcomed with open arms.
Malaysia isn't a country one generally hears about engaging in this type of activity. He could have been from Andora for all it matters, and the message would be the same: if one guy, no matter where he's from, without the support of his own government intelligence agencies, is able to obtain this type of information and access, then malicious state actors should have no trouble doing so. Also, the fact that his access to logistical information wasn't noticed until the course of what started out as a simple criminal investigation by the appropriate authorities (Secret Service being under the authority of the Treasury Department), that's kind of scary. It means that the Russians, Chinese, Iranians, or anyone else might also have had access to that same data and no one was apparently paying any attention, or there are unknown security flaws which were exploited and thus there were no IDS/IPS rules to catch the activity and raise any flags.
This dude is somewhat irrelevant compared to the wider implications of the non-credit-related activities, which are also pretty much straight up crime.
How could those companies that were in charge of military intel have been so loose as to place the computers that are to contain the intel that is lcassified to access the internet so easily. That is 1) prob right there....secondly, the banks again should not have their main data available to the web as well, although seeing some of the banks today using everything web faced, I can not really blame them, they are all just sheeping along...but military should have known better.
This guy is a bad apple, but does not mean all of them will be the same, if this guy has access to all that info right at his finger tips, did he have a botnet working , did he have access to screenshots, and keyloggers, I would like to know more details, and also help push the banks to take further steps in securing their networks.
The amount of money that that theif would have been able to steal with 400,000 credit card numbers is NOTHING compared to the amount of money that the Federal Reserve bank steals from Americans everyday via debt slavery and monetary debasement.
I am pie, or am I mispronouncing the last word.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
This is why we should just replace the internet with a big swimming pool that we can all enjoy. The most you'd possibly lose is your bathing suit, and that's generally fun for everybody.
...wondering why the hell the federal reserve knows anything about our accounts? While I understand that the fact that this was, in fact a security breach, the problem isn't how the hacker got in, but why the data was there for him to steal in the first place! I saw somewhere (I think maybe even here on /.) that world governments apparently buy more digital storage every year and it had a figure for what percent of produced storage governments bought. Does anyone have any doubts about what they are storing?
In addition, if we're going to indict some random malaysian hacker for stealing our data, let's go ahead and do the same for our own government, which seemingly saw fit to do the exact same thing by snooping on traffic at the telco level. How is that NOT stealing??
"Watch out where those Huskies go and don't you eat that yellow snow" - FZ
Maybe we need a Reiser tag for it?
Thou shalt always read the title of a post before replying to it.
Clearly it means 'If one guy from a "friendly" country can do that, imagine what agents of the "unfriendly" countries can do with the backing provided by the state'.
Incidents like this demonstrate that when the Government says they'll keep your data secure and private (body scanner data, for example) that it's representatives are either intentionally lying or naive, or both.
But they still demand more "tools" (ie- power) and insist that they are competent custodians. No government should ever be trusted this much, no matter how just and righteous it is.
Does Slashdot have a grouping named "People not yet convicted of breaking the law, but ehhhhhh, it really looks like they did"?
A new grouping named 'Crime' would fit the bill imo.
Reply to That ||
Seriously, why does the Federal Reserve have consumer credit card numbers? We're not talking about TJ Maxx here: unless I'm mistaken the Federal Reserve only does business with banks, they have nothing to do with ordinary consumers and their silly bits of plastic.
People putting their income tax payments on plastic, maybe? I'm stumped.
There is nothing in the article indicating the Malaysian race is somehow inferior, or evil, or that hackers of the Chinese/Russian race are superior, inferior, or more evil, ergo no racism.
"Malaysian" is a term used to describe a citizen of Malaysia, a nation comprised of people from different ethnic groups. "Malay" is an ethnic term that can describe people from one of those groups. The expression "Malaysian race" is as meaningless as "American race" or "Canadian race."
stolen over 400,000 credit and debit card numbers
So the owners of the cards opened their wallets and found no numbers left on their cards any more? Since the numbers were stolen.
It could be worse, there is a Whitehead Institute near me. Then there is Mr Lipschitz.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
Did anyone else notice the lovely little bit of racism at the top of the article: ... are able to do' "
"'If a guy from Malaysia can get into networks like this, you can imagine what the Chinese and Russians
With the net someone from anywhere has just as much access to all the information you'd need to learn how to do this.
there's nothing special about the chinese, the russians or the americans, hackers come from everywhere.
The word you were looking for was probably "Xenophobia", not "racism".
So, the guy was smart enough to hack into a federal reserve and get 400 k card nos, smart enough to hack into a dod contractor and acquired sensitive budgeting and military information, but, he was stupid enough to come to usa to sell a number of credit card numbers at a FUCKING DINER.
excuse me, but that kind of bullshit can only make idiots believe itself. anyone who has the slightest understanding of tech world will know that the person at a caliber like the above will never leave deep, unreachable recesses of china, russia, or wherever country his is, and will never send any drones to conduct business with computers containing very critical information like the above. especially, not into a country that he has hacked.
im guessing that, this setup was arranged by the u.s. government to reinforce its hands in arguing for 'greater security measures' (locking in and censorship) for internet in the recent ridiculous statements it is making, trying to set up an agenda. and the federal reserve hack and dod contractor hack data was probably implanted by 'other sources' involved in the affair.
Read radical news here
The Federal Reserve hacked into US Dollar savings and stole $4 trillion.
Not racism, just unclear. To translate, if an individual from a relatively neutral country can do this, imagine what the large group of state backed hackers from less friendly countries can do with their resources.
Use your Federal Reserve MasterCard/Visa and earn Bail Out Points to help you avoid bankruptcy. Pay zero % interest for the first election cycle on balances up to 2 Trillion!
With the net someone from anywhere has just as much access to all the information you'd need to learn how to do this. there's nothing special about the chinese, the russians or the americans, hackers come from everywhere.
There is something special about "the americans", a lot of them are rather monolingual. It is harder for a monolingual non-X speaker to crack an X computer system than for a multilingual non-X speaker. Someone who speaks/understands some X has an even bigger advantage. Most people from Malaysia know Malay, Lin Mun Poo probably knew Chinese, selling data in "a diner" probably requires some fluency in English.
Offtopic? Really? When there's a good dozen sub-threads commenting on the man's goddamned name? Sorry guys, but this racist bullshit has made itself the topic.
It's the FED. He shouldn't have stolen credit card numbers, he should have printed a fantazillion dollars for himself.
I guess he'd have to wait until Bernanke is done with the printing press, though.
You are, it's more like Pay.
I think the real story is that we have a serious threat to US defence and security coming from Malaysia.
According to US foreign policy of the last decade, it would appear that the appropriate response is to invade Norway.
Like when Brazilian Smugglers were p0wwn^h^h^h^h^h^using USA com satellites to coordinate their doings?