Crooks Arrested Over KVM-Based Bank Heist Attempt

← Back to Stories (view on slashdot.org)

Crooks Arrested Over KVM-Based Bank Heist Attempt

Posted by timothy on Friday September 13, 2013 @07:31PM from the worse-than-an-annoyatron dept.

judgecorp writes "Twelve men have been arrested over an attempt to take control of computers at a Santander bank branch in London using a stealthily planted KVM (keyboard, video and mouse) switch installed by a bogus maintenance engineer. The men were caught by the Metropolitan Police's Central e-Crimes Unit."

79 comments

Min score:

Reason:

Sort:

Foolish. by Anonymous Coward · 2013-09-13 19:36 · Score: 5, Insightful

Everyone knows if you want to rip off a bank. You need to BE the banker.
That way you get the money. And then the goverment comes and gives you MORE money. Win. Win. No jailtime.
1. Re:Foolish. by Anonymous Coward · 2013-09-13 20:42 · Score: 0
  
  So brave. So edgy.
2. Re:Foolish. by mcgrew · 2013-09-13 22:05 · Score: 0
  
  The former president of the bank I use (a small local bank) is now Mayor of Springfield, elected after our previous Mayor (Does he look familiar?) shot himself.
  I wonder what's more lucrative, being President of a small bank or Mayor of a capital city? I'm sure it pays better than any criminal activity except maybe being a Colombian drug lord. A whole lot safer, too.
  
  --
  Free Martian Whores!
3. Re:Foolish. by Anonymous Coward · 2013-09-13 22:07 · Score: 0
  
  You don't understand how bad it is. 97% of the money in existence is money which BANKS created - out of thin air. 97% of the money in existence was loaned out by banks - and is therefore a DEBT to the banks - which means WE owe the banks 97% of the money in existence - do you understand the implications of this? Somebody, somewhere, owes that money to the banks, and it has to be paid back, or the banks seize their assets. But the banks created the money out of nothing in the first place, and certainly didn't have the public's blessing to do this.
  www.positivemoney.org
HI I'm Sarah Brightman.. by Anonymous Coward · 2013-09-13 19:57 · Score: -1

Let's talk about KVM switches..
HI I'm Sarah Sharp. by Captain+Coolwater · 2013-09-13 20:12 · Score: 0

All Intel upstrem patches are belong to me.
KVM? by Anonymous Coward · 2013-09-13 20:19 · Score: -1, Troll

So we need an acronym for keyboard video and mouse now? Really?
1. Re:KVM? by Anonymous Coward · 2013-09-13 20:26 · Score: 5, Informative
  
  "Now"? KVM has been an acronym for years, if not decades.
2. Re:KVM? by Anonymous Coward · 2013-09-13 20:41 · Score: -1
  
  You really think that makes it less bullshit? Imma use my KID (Key In Door) to access this domocile, then MMD (Microwave My Dinner) and SAWT (Sit And Watch Television). It's like language gone tacticool.
3. Re:KVM? by mccalli · 2013-09-13 20:44 · Score: 5, Informative
  
  The article missed the rather crucial word 'switch'. Keyboard/Video/Mouse switch.
4. Re:KVM? by fellip_nectar · 2013-09-13 20:47 · Score: -1, Troll
  
  STFU
  
  --
  Worst. Signature. Ever.
5. Re:KVM? by Anonymous Coward · 2013-09-13 20:51 · Score: 0
  
  I don't expect even the most accomplished geek to know every acronym, but you don't even know kvm you need to hand back your credentials, and don't let the door hit your ass on the way out. Thank you.
  Personally, used my first KVM in 1998 - but they've been around since the 80's
6. Re:KVM? by jonbryce · 2013-09-13 21:00 · Score: 1
  
  Yes, since people started using mice in their computers. Before that it was a KVS (Keyboard Video Switch).
7. Re:KVM? by philip.paradis · 2013-09-13 21:11 · Score: 0
  
  The clarification was almost certainly intended to disambiguate KVM switches from Linux KVM virtualization.
  Apparently, you're not old enough to have ever seen a KVM switch, and your awareness of current technologies isn't keen enough to know about KVM virtualization. Neither of these conditions is a bad thing, but the snide tone of your comment was unwarranted in light of the facts.
  
  --
  Write failed: Broken pipe
8. Re:KVM? by Anonymous Coward · 2013-09-13 21:41 · Score: 2, Interesting
  
  http://www.raritan.com/products/kvm-over-ip/
  this is hardly esoteric
9. Re:KVM? by zwarte+piet · 2013-09-13 21:42 · Score: 5, Funny
  
  Using mice in computers is not recommended, they chew on the wires and poo and pee on the boards. I've been using the MIC (Mice In Cat) protocol to prevent that.
10. Re:KVM? by Anonymous Coward · 2013-09-13 22:04 · Score: -1
  
  Slashdot's Timothy is a Jew, and as such wants America to go to war for Israel, because terrorism. Iran and Syria EVIL!
  -- Ethanol-fueled
11. Re:KVM? by richlv · 2013-09-13 22:26 · Score: 2
  
  you received several ac replies, i'll do it while logged in.
  'kvm switch' (the last word missing from the summary for some reason) is a product that has existed for a long time. they are primarily used in server rooms along with a rackmountable display/keyboard//mouse (usually a touchpad, although i prefer trackball a lot more). nowadays these sets are lcd so they fold in 2u or so. before that, you'd allocate place for a crt monitor in some rack.
  a kvm switch sits behind that terminal and has a shitload of cables going to all the servers. last i did it, it was all ps/2, no idea whether the new ones are all usb or something.
  large kvm switch can hook up to dozens of servers, and you can even stack many of those, controlling hundreds of servers from a single terminal.
  note that large companies probably have more efficient solutions (ssh-kvm etc), and last i actually worked on this ability to ssh in a kvm was just arriving, so you might find more up-to-date information from vendors
  
  --
  Rich
12. Re: KVM? by Anonymous Coward · 2013-09-13 22:43 · Score: 0
  
  ipmi is a lot better for servers. of course you need a special network interface which is hugely expensive. then again cat5 is a whole lot cheaper than video cable, especially monster.
  i mean who really wants to wander around in a room with 250 KVA snaking through the place installed by people that think 12V is overkill.
13. Re:KVM? by Jarik+C-Bol · 2013-09-13 22:48 · Score: 1
  
  I've actually got a 2 source KVM switch that supports usb keyboard and mouse. Been years since i've used it, but I can attest that they exist.
  
  --
  I've decided to Diversify my Holdings. I've divided my cash between my left and right pockets, instead of all in one.
14. Re:KVM? by Anonymous Coward · 2013-09-13 22:50 · Score: -1
  
  Of course, I only make posts like this to try and get his attention, due to my mad crush on him. (I promise not to cum in your mouth! I promise!)
  -- Ethanol-fueled
15. Re:KVM? by bruce_the_loon · 2013-09-13 23:18 · Score: 1
  
  Update of technology knowledge coming :)
  LCD/keyboard trays now fit into 1U and IBM, among others, have Cat5e-based console managers that daisy-chain different server connection devices using RJ45 connectors. These end devices can have PS/2, USB, VGA, HDMI, DVI and even RS232 options. On the IBM unit we have, the LCM 16, there are two sets of connectors for the LCD tray and 16 RJ45 KVM ports which can cascade to 16 servers each for 256 devices in 1U. And there is network KVM access available for an extra license cost.
  
  --
  Trying to become famous by taking photos. Visit my homepage please.
16. Re:KVM? by Anonymous Coward · 2013-09-13 23:47 · Score: -1
  
  And it isn't an acronym. NASA is an acronym. Radar is an acronym. Laser is an acronym. KVM is an initialism.
17. Re:KVM? by JakeBurn · 2013-09-14 01:10 · Score: 5, Informative
  
  When you are part of an industry and use a certain term multiple times you get to decide when and what you create acronyms for. Since a lot morons among the AC crowd don't seem to get simple concepts, I will explain this one for your benefit. Acronyms are made to make speaking easier/quicker when you MUST repeat yourself. People that make KVM switches probably took about 10 seconds into their first meeting talking about making this product to decide that repeatedly saying keyboard video mouse was a waste of time. Just because the entirety of your experience with acronyms begins and ends with lol, fml and diaf as you text your twelve year old friends does not mean that the world in general doesn't understand that time is money. If you had even a modicum of experience in a non-entry level position in a larger company you would realize that most acronyms in the world are business related; created and mostly used by the people that create the idea or product then picked up by the general public over time. The military is an exception to that rule. They have a serious addiction to creating acronyms for everything.
18. Re:KVM? by JakeBurn · 2013-09-14 01:17 · Score: 1
  
  I found out about them in the mid nineties when I got an extra pc with no peripherals from a neighbor and wanted to use it just for games. They were amazing, magical devices back when it was easier to just get another computer than it was to find a big enough hard drive to hold everything you wanted to have access to.
19. Re:KVM? by Anonymous Coward · 2013-09-14 01:23 · Score: 1
  
  it was a KVM with wireless capability. Bank was in a mall. The crooks just had to sit at a cafe and watch and learn remotely. Something like these
  http://www.kvm-switches-online.com/wireless-kvm.html was used. I'm still looking for the ones that "can be bought online for 10 pounds"
  Picked this up from Sky news this morning via my Apple TV which has a free feed.
  Pretty smart except for needing 12 guys and getting caught.
20. Re: KVM? by richlv · 2013-09-14 02:29 · Score: 1
  
  is ipmi console a standard protocol ? how widely is it used ? i'll admit not seeing it being it actually used even once, but maybe i was not looking at right organisations...
  
  --
  Rich
21. Re:KVM? by Zero__Kelvin · 2013-09-14 03:31 · Score: 1
  
  The acronym KVM has been around quite some time. This is Slashdot. KVM doesn't necessarily mean Keyboard/Video/Mouse here. Many of us are informed enough to know that KVM is also a core Linux Kernel virtualization technology, and it was therefore necessary to be explicit. In fact, when I read the title I thought they were talking about the Kernel Virtual Machine. I had to read the summary to find out they were talking about a Keyboard/Video/Mouse based exploit.
  
  --
  Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
22. Re:KVM? by Anonymous Coward · 2013-09-16 02:37 · Score: 0
  
  if i wasn't too lazy to login, i would rate this as "comedy". you obviously are confusing "business" with "technical". business is only concerned with making money. money sometimes happens to technical people.
23. Re: KVM? by Anonymous Coward · 2013-09-19 03:48 · Score: 0
  
  is ipmi console a standard protocol ? how widely is it used ? i'll admit not seeing it being it actually used even once, but maybe i was not looking at right organisations...
  If you've never been a sysadmin, then there's no reason for you to ever have heard of it.
  It is a standard and widely adopted protocol, created in the late 90s by some of the prominent hardware vendors of the day. You're not likely to see it outside of server class machines.
So no little kid genius hacker ... by Anonymous Coward · 2013-09-13 20:28 · Score: 0

This and the NSA incident should really tell everybody that the story of a lone hacker sitting in his basement "hacking the world" is just that: bullshit.
It takes always more than one to be effective, be it in the large or small spying business or criminal ... undertakings. Hacking stuff, either by placing
hardware or coming directly for the systems is one thing, making money or usable information out of it another. And one "big heist" usually
leads to another, because a larger pool would be nice, wouldn't it? And spying ... once the flow of information gets going you'll notice
your customers are always thirsty.
What else is bullshit is all the stuff "preventionists" are telling you. The picture of the barbarian, unwashed hacker hordes rushing you, only to be foiled by stalwart products while you observe like a field marshal from your dashboard is a lie. They have no reason to do that, they go for the weak points. These guys brought their backdoor with autonomous internet access with them, they didn't even try to breach the net - and they used of-the-shelf-products. Which is always annoying, wether it is backdoors or hardware deployed - you don't who dropped it, could be anyone.
So how did they caught? Maybe they got too greedy, maybe did it one time too often - and someone didn't rely on prevention, but investigation.
Should you be bored by this little rant, buy an iKVM switch, throw it at an antivirus marketing guy whilst yelling "Catch this!"
1. Re:So no little kid genius hacker ... by AHuxley · 2013-09-13 20:41 · Score: 1
  
  It used to sound so neat when it was compromising emanations and the faint signal gave you plaintext.
  Now you can walk in and plug in :)
  
  --
  Domestic spying is now "Benign Information Gathering"
Ohh.... by gigaherz · 2013-09-13 20:31 · Score: 5, Funny

... I was hoping they tried to exploit the bank through a Kernel-based Virtual Machine. Disappointing.
1. Re:Ohh.... by Anonymous Coward · 2013-09-13 21:49 · Score: 0
  
  Me too. Goddamn abbreviations.
2. Re:Ohh.... by Anonymous Coward · 2013-09-14 10:40 · Score: 0
  
  Banks are using OS/2, what are you talking about?!
American Exceptionalism and Moral Superiority by Anonymous Coward · 2013-09-13 20:44 · Score: -1, Troll

Yes, I do! I find it quite amusing that America was schooled by Putin on exceptionalism.
For a country one who claims to boast its own national exceptionalism and moral superiority. Yet, forgets to mention they are the holders of the largest national debt known to man. If you ask me. I find this fact hardly exceptional or superior ... heck it's not even moral!
1. Re:American Exceptionalism and Moral Superiority by Anonymous Coward · 2013-09-13 22:06 · Score: 0, Funny
  
  did you just learn how to use the bold tag or something?
2. Re:American Exceptionalism and Moral Superiority by Anonymous Coward · 2013-09-14 03:46 · Score: 0
  
  That's the strong tag, you antiquated fool.
3. Re:American Exceptionalism and Moral Superiority by Anonymous Coward · 2013-09-14 05:55 · Score: 0
  
  And yet its use was rather weak.
Should see the MET statement. by SuricouRaven · 2013-09-13 20:52 · Score: 5, Interesting

'The Metropolitan Police said its "time-critical, dynamic response" had thwarted a "very significant and audacious cyber-enabled offence". '
http://www.bbc.co.uk/news/uk-england-london-24077094
I think there should be a general rule: Anyone who uses the word 'cyber' in a non-sarcastic manner should be ignored.
The article looks like it wasn't written by a tech journalist too, as it contains such obvious errors as 'The device, if operational, would have allowed data and contents of the desktop to be downloaded over the network.' News organizations so often make mistakes in their rush to be the first to break a story - even the BBC.
1. Re:Should see the MET statement. by SuricouRaven · 2013-09-13 20:53 · Score: 3, Interesting
  
  Like my mistake in capitalizing 'MET' when I know full well it should be 'Met.'
2. Re:Should see the MET statement. by Anonymous Coward · 2013-09-13 21:46 · Score: 1
  
  Don't know what they were using but many KVM over IP products do support remote media devices (via USB along with keyboard/mouse) - usually for remote OS installation. No reason data couldn't be written to one to facilitate this.
3. Re:Should see the MET statement. by mcgrew · 2013-09-13 22:10 · Score: 1
  
  Anyone who uses the word 'cyber' in a non-sarcastic manner should be ignored.
  What's wrong with the word cyber? Do you have a better synonym?
  
  --
  Free Martian Whores!
4. Re:Should see the MET statement. by Anonymous Coward · 2013-09-13 22:53 · Score: 0
  
  The people who use this word tend to be cunts who know fuck-all about technology. Like politicians, lawyers, judges etc.
  Obviously this is a generalization, but it is usually a rather accurate one.
5. Re:Should see the MET statement. by Anonymous Coward · 2013-09-13 23:30 · Score: 2, Informative
  
  Yes. "Computer".
6. Re:Should see the MET statement. by drinkypoo · 2013-09-13 23:39 · Score: 1
  
  The article looks like it wasn't written by a tech journalist too, as it contains such obvious errors as 'The device, if operational, would have allowed data and contents of the desktop to be downloaded over the network.'
  It's not obviously an error to suggest that the attackers could have uploaded the data and contents of the desktop over the internet. So aside from using the wrong word (journalists change up to down all the time, especially in tech where they regularly get this wrong) what's obviously incorrect? It's obviously correct that once they had access to the system, they could get the data.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
7. Re:Should see the MET statement. by Anonymous Coward · 2013-09-14 00:03 · Score: 0
  
  throw em in cyberjail
8. Re:Should see the MET statement. by MysteriousPreacher · 2013-09-14 00:48 · Score: 2
  
  To me it sounds dated and hackneyed; like asking "do you surf the information superhighway?" Just a personal irk.
  
  --
  -- Using the preview button since 2005
9. Re:Should see the MET statement. by Somebody+Is+Using+My · 2013-09-14 01:58 · Score: 3, Informative
  
  I would guess his objection is that it probably was not the KVM Switch which "allowed data and contents of the desktop to be downloaded over the network", but the per-existing network infrastructure that did that. Unless they used some sort of custom device, it is unlikely that it created its own route (wirelessly?) out of the network or did anything to breach the network security. The KVM switch merely allowed the "hackers" to surreptitiously access the data and send it on its way to whatever nefarious data-haven the criminals had set up (probably Dropbox).
  A subtle and admittedly pedantic difference, but an important one. Seeing as the purpose of the news industry is to - nominally - provide accurate and timely information, it is an unfortunate mistake. Whether it is an important distinction to the common reader is another question entirely. However, since they make it a point of actually mentioning the type of device, it would have been nice if they had taken the time to accurately describe its capabilities.
  Else on Monday some hapless tech somewhere is going to be argue with a clueless CEO who fears that every KVM switch attached to the servers will allow hackers to remotely steal their data because the executive got the wrong message from the media.
10. Re:Should see the MET statement. by Anonymous Coward · 2013-09-14 03:39 · Score: 0
  
  I think there should be a general rule: Anyone who uses the word 'cyber' in a non-sarcastic manner should be ignored.
  Unless of course they are talking about cyber-sex or actual cybernetics. Or cybersex involving actual cybernetics.
11. Re:Should see the MET statement. by SuricouRaven · 2013-09-14 09:24 · Score: 1
  
  Even the people who participate in cyber-sex consider the term vulgar. We usually refer to it as adult roleplay or just 'RP.'
12. Re:Should see the MET statement. by marcello_dl · 2013-09-14 22:22 · Score: 1
  
  > Even the people who participate in cyber-sex consider the term vulgar.
  I DON'T!!!
  oh wait...
  
  --
  ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
Ok, but... by will_die · 2013-09-13 21:02 · Score: 1

How where they caught?
1. Re:Ok, but... by Anonymous Coward · 2013-09-13 21:17 · Score: 0
  
  Sources and Methods, Sources and Methods... can't talk about that, you know.
  The probably bought the KVM switch online, then asked the text support guy in the online chat room if it would work with the bank's computers.
2. Re:Ok, but... by jrumney · 2013-09-13 21:56 · Score: 2
  
  I'm guessing here, but to be of any use, the KVM would most likely be an IP based one, connected to a server somewhere, which in turn could be traced to the crooks, who like most crooks, were not very sophisticated and didn't think to go through Tor or anonymous hosting in a foreign country.
He got physical access to the machine! by 140Mandak262Jamuna · 2013-09-13 21:32 · Score: 4, Insightful

So this bogus "maintenance engineer" was able to get access to the physical machine and install a KVM switch and snake cables out of the bank to another location controlled by the crooks. It is not clear how this was detected and how he was tracked.
Well, he could have easily slipped in an unobstrusive thumbdrive with a key logger in to a back usb port, and collected it back in the next "maintenance" visit! One could imagine a usb device based KVM without cables transmitting data wirelessly. Such devices are very useful, I could stash my tower in a sound proofed cooling enclosure far away and keep my KVM on my desk. So they will be in the market, if they are not already in the market. At that point all the bogus engineer had to do was to slip in an unobstrusive usb device in a back port.
Once the crooks have physical access to the machine, it becomes very difficult to protect against. Once a crook and an insider cooperate it becomes very very difficult to guard against.

--
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
1. Re:He got physical access to the machine! by auric_dude · 2013-09-13 22:12 · Score: 1
  
  Wonder if Power Strip's a Penetration Testing Tool in Disguise http://www.linuxinsider.com/story/75706.html might have been left with a view to future use?
2. Re:He got physical access to the machine! by bruce_the_loon · 2013-09-13 22:52 · Score: 3, Informative
  
  He was more likely using an IP-connected KVM device, like one of these http://www.raritan.com/products/kvm-over-ip/ and not the heavily cabled ones. Hooked up to a cellular router, they don't even need cables except for a power pack.
  Full access to the workstation might be needed if the bank implements machine-based access control that requires something on the machine itself for authentication besides username and password. The South African Post Office does this and a bunch of crooks nicked money after stealing a machine that had management access to accounts and then broke into the premises of another branch to plug it into the LAN. That was proved an inside job by tellers.
  
  --
  Trying to become famous by taking photos. Visit my homepage please.
3. Re:He got physical access to the machine! by Anonymous Coward · 2013-09-14 01:21 · Score: 0
  
  A small form factor KVM switch (like a Lantronix Spider, it's about as large as an iphone5), an aircard, raspberry pi, and a small black hobby case to contain and disguise the payload is what you want. Then your raspberry PI uses the aircard to VPN back home to a host you can anonymously access...and then it's game over.
  Also, you don't try to steal the cash yourself at that point, you sell the access to someone else (in Russia!).
4. Re:He got physical access to the machine! by Anonymous Coward · 2013-09-14 02:08 · Score: 0
  
  Photo of the device shown on BBC news last night showed a hacked-about black plastic box about the size of a cigarette packet, with what looked like a WiFi antenna protruding.
baren article by Gravis+Zero · 2013-09-13 21:48 · Score: 5, Informative

installed KVM as phony IT guy, were arrested and here are their names
this is all the information the article provides. no details of any kind. no picture of the (hopefully stealthy) KVM, how they were caught or anything of any interest at all!
Here's the real scoop:
A man dressed as a "maintenance engineer" (IT guy) claimed to be sent by a some company working for the bank. Then he goes to the bank branch's main server and plugs an external KVM-over-IP box connected to an ethernet to wifi adapter or at least that was the plan. The plan was thwarted at the last minute... no info as to why/how but I'm betting that the server either didn't have a PS/2 port or didn't have VGA output not that it matters without a username and password to login.
A spokesman for Santander insisted that the bogus engineer had not managed to install the device and no customer money was ever at risk.

We are pleased that we have been able, through the robustness of our systems, to prevent the fraud and help the police gather the evidence they needed to make the arrests. Santander operates multiple levels of controls to protect customers' funds and this attack would not have been successful.
Hours after the bogus engineer attempted to fit the device to the computer server, officers from Scotland Yard swooped arresting 12 men on suspicion of conspiracy to steal. As for how they were caught, I think someone just realized there wasn't supposed to be an IT guy there and then the cops got called.

--
Anons need not reply. Questions end with a question mark.
1. Re:baren article by mcgrew · 2013-09-13 22:17 · Score: 2
  
  As for how they were caught, I think someone just realized there wasn't supposed to be an IT guy there and then the cops got called.
  Since there were so many people involved, my guess is someone got sloppy and was overheard (maybe in a bar or something) and the cops were tipped off.
  The more people involved in any criminal activity, the greater the chance of getting caught.
  
  --
  Free Martian Whores!
2. Re:baren article by Anonymous Coward · 2013-09-13 22:28 · Score: 0
  
  heh, "computer server".
3. Re:baren article by countach · 2013-09-13 23:22 · Score: 1
  
  How does some random guy get access to the "main server"? Any bank worth its salt would have massive security just to get near to it. I could understand getting to some guy at the bank's desktop machine, and even that could be really dangerous, but the server?
4. Re:baren article by Anonymous Coward · 2013-09-14 00:57 · Score: 0
  
  I do not know if that was really the case but likely social engineering skills were at use. Normal IT people are having rather autistic traits instead of sociopathic ones so they may have problems even understanding what that means to have social skills but anything can be learned. Mitnick did use social skills - that was I think the best known case of social engineering.
5. Re:baren article by Shimbo · 2013-09-14 01:25 · Score: 1
  
  How does some random guy get access to the "main server"? Any bank worth its salt would have massive security just to get near to it
  Most bank branches are fairly small operations these days; 3-4 desktops and probably a branch server out the back. A couple of tellers and that's it. Besides, it sounds like the police were onto th plot in advance; just waiting for the gang to incriminate themselves.
6. Re:baren article by Anonymous Coward · 2013-09-14 02:05 · Score: 0
  
  SecureLinx Spider - The next Generation KVM over IP Google it. this what they used
7. Re:baren article by mjwalshe · 2013-09-14 03:09 · Score: 1
  
  I suspect that the cops had been investigating this before hand and let the attempted installation go ahead so they could actually have a crime to charge people with and arrested every one at that point.
  
  I suspect that the crew tried to recruit an inside man who shopped them to the cops and acted as a double agent.
8. Re:baren article by PPH · 2013-09-14 03:29 · Score: 1
  
  That's what gave the plot away: There's someone claiming to be an IT guy working on our system. And he's not an asshole.
  Call the police!
  
  --
  Have gnu, will travel.
Modern plutocratic justice by jeffasselin · 2013-09-14 00:17 · Score: 2

People with no job conspire and fail in trying to shave off a few millions out of a bank's billions?
Get arrested, thrown in prison for years.
Work for a bank, conspire and succeed in destroying the global economy and cheat your customers out of trillions of dollars?
Get the government to give you even MORE money.
Not saying these guys here should not have been arrested. But the worst crooks in the story are working inside the bank, not outside.

--
If he explores all forms and substances Straight homeward to their symbol-essences; He shall not die.
1. Re:Modern plutocratic justice by Anonymous Coward · 2013-09-15 22:00 · Score: 0
  
  Work for a bank, conspire and succeed in destroying the global economy and cheat your customers out of trillions of dollars?
  Get the government to give you even MORE money.
  Not saying these guys here should not have been arrested. But the worst crooks in the story are working inside the bank, not outside.
  Nope. They are in the government.
Under what circumstances... by slashdime · 2013-09-14 00:50 · Score: 1

Under what circumstances will Slashdot not pick up this story? Perhaps if....

CrookA calls CrookB on his cel^H^H^Hrotary phone. CrookB asks a bicycle courier outside his building to deliver some building plans across town to CrookC and CrookD.

The next night, they all meet up and get to work hammering down a wall from some parking garage which leads into the vault.
Hey Man! by Grand+Facade · 2013-09-14 01:14 · Score: 1

I've just finished development on my new bitchen KVM system!
Wanna give one a try and tell me how you like it? ......

--
Rick B.
This what they used by Anonymous Coward · 2013-09-14 01:55 · Score: 0

They must have used the device in the link attached to a wifi router. Though the device must be capable of negotiating the firewall like RVNC does. I think the router gave it away.
http://www.hy-line.de/en/company-group/hy-line-computer-components/line-card/lantronix/kvm/
In Soviet Russia, the key hits YOU! by Thor+Ablestar · 2013-09-14 02:08 · Score: 1

What if you are a political blogger whose keyboard is bugged? The Miniluv can do everything they want against you, and no TOR, I2P, VPN, foreign hosting or full-disk encryption will save you from Room 101.
chase bank out outsourced branches IT to work by Joe_Dragon · 2013-09-14 04:03 · Score: 1

chase bank out outsourced branches IT to work to a mix of outside contractors / sub contractors.
They should have by CRMDmerv. · 2013-09-14 05:45 · Score: 1

They should have used Xen or VMware for the financial industry.
The bank robbers big mistake by Anonymous Coward · 2013-09-14 09:13 · Score: 0

The KVM was marked 'Made in China'. They should replaced it with a label saying 'Installed by the NSA'.
How Much Longer? by StoneyMahoney · 2013-09-15 06:35 · Score: 1

Hey, newspaper guy! It's called "Social Engineering" and it's broadly the same as "Con Artistry".