Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Steal $6.7M In Bank Cyber Heist

Posted by Soulskill on from the not-nearly-as-dramatic-as-a-regular-heist dept.

Orome1 writes "A perfectly planned and coordinated bank robbery was executed during the first three days of the new year in Johannesburg, and left the targeted South African Postbank — part of the nation's Post Office service — with a loss of some $6.7 million. The cyber gang behind the heist was obviously very well informed about the post office's IT systems, and began preparing the ground for the heist a few months before, by opening accounts in post offices across the country and compromising an employee computer in the Rustenburg Post Office."

6 of 91 comments (clear)

  1. Re:Organized trolling campaign on Slashdot by TheCouchPotatoFamine · · Score: 1, Interesting

    Not sure if serious. he posted evidence, you just don't like it. Refute the claims.. oh wait you won't even post your name. great job.

    --
    CS majors know the time/space tradeoff, but they never get taught the 3rd, crucial, tradeoff of the set: comprehension!
  2. Re:Organized trolling campaign on Slashdot by alphatel · · Score: 3, Interesting

    He only expects further trolling, which has been granted.

    --
    When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
  3. Surprised it took so long for somebody to do this by gweihir · · Score: 4, Interesting

    I was part of a small team that described a pretty similar attack scenario to a customer almost 10 years back. It is no surprise at all that this worked and it would work in a lot of other places as well. The only really tricky part is coordinating the mules (and keeping them quiet) as you do not know how much money is available at each specific ATM. But you can guess by observing usage patterns (counting customers) and how often they are re-stocked.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  4. FTFY by drainbramage · · Score: 3, Interesting

    Politicians have been stealing much larger amounts for years.

    --
    No brain, no pain.
  5. honestly, this has probably happened in the USA by decora · · Score: 4, Interesting

    im guessing that the main reason it seems like an 'unusual south africa thing' is because US banks never, ever talk about this kind of thing.

    partly out of embarassment, partly because the entire system is based on 'security through obscurity'.

    ----

    of course, oblig. comment about how thousands of US banks failed in 2008/9/10 due to the CDO fraud system - which directly involved and benefited the ratings agencies. but its almost like nobody cares about that. they care about 5 million stolen from ATMs, but not about 2 trillion stolen from the taxpayers.

  6. ...sigh... and they worked SO hard on the book. by Shadowruni · · Score: 4, Interesting
    Read "Stealing the Network: How to own a Continent"

    The whole book is this heist.

    Literally.

    Just check out the summary.

    The thing that makes this book series special is that they don't say, "I ran nmap and knew from the output they were running a webserver."

    They say "I ran nmap with 'sudo nmap -P0 -T3 -p 80 127.0.0.1 -oA localscan'

    And got:

    Starting Nmap 5.21 ( http://nmap.org/ ) at 2012-01-17 20:55 PST Nmap scan report for localhost (127.0.0.1) Host is up (0.000083s latency). PORT STATE SERVICE 80/tcp open http Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds And could see from the line "80/tcp open http"

    http://www.amazon.com/Stealing-Network-How-Own-Continent/dp/1931836051

    //Has the whole series and still remembers the props I got from Blue bore.

    ///Yes I know the example is a bit contrived but that is exactly how they present information in the series and I learned a lot from it.

    --
    "Chinese Amazons, power armor, laser swords.... things just meant to be." - Shampoo, A Very Scary Bet