Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

229 million in British Pounds…

leave a comment »

Hackers tried to steal hundreds of millions from bank

An international gang plotted to steal £229 million from customers’ accounts at a leading bank by hacking into computers, a court was told yesterday.

A security supervisor smuggled two Belgian computer hackers into the London offices of Sumitomo Mitsui Banking Corporation by pretending that they were friends who had arrived for a game of cards. The hackers installed spy software that recorded employees’ names and passwords at the bank’s European headquarters in the heart of the City, Snaresbrook Crown Court was told.

They visited the offices several times to retrieve the security information before returning one weekend to transfer the money to accounts controlled by accomplices in Spain, Dubai, Hong Kong and Singapore, it was alleged. When Sumitomo Banking staff arrived at work on Monday morning, they found that their computers had been tampered with, the jury was told.

The scheme was foiled because the hackers failed to fill in one of the fields in the Swift system used to make money transfers.

Kevin O’Donoghue, 34, of Birmingham, a bank security supervisor, and the hackers Jan Van Osselaer, 32, and Gilles Poelvoorde, 34, both from Belgium, have admitted their roles in the conspiracy.

Yesterday a man accused of setting up the international money laundering for the funds, and two alleged accomplices, denied being part of the plot.

Simon Farrell, QC, for the prosecution, said: “The case concerns a dishonest, bold and sophisticated attempt in October 2004 to steal £229 million from the Sumitomo Mitsui Banking Corporation in the City of London. The attempt was made by surreptitiously entering the bank at night, by corrupting its computer system and by attempting to electronically transfer the money.”

When O’Donoghue was challenged by a colleague about the visitors, he claimed that they were friends who had come over for a game of poker, the court was told. He was arrested on the day that the plot was discovered.

Mr Farrell said that the security supervisor had tried to cover up the hackers’ visits by tampering with the bank’s closed-circuit television system, but that he failed to eradicate all evidence: “snips” were recovered from the recordings showing him letting the men in.

Belgian hackers were said to have entered the bank several times in September 2004 to install software that recorded pictures of information on computer screens, details of keystrokes and of users’ security details. Mr Farrell said: “The plan involved the secret uploading of keylogger software from the bank’s computers. This software has the effect of recording activity carried out by users in the course of their everyday business at the bank, including log-on names and passwords.”

Early one Saturday morning in October the hackers returned to the bank’s City offices and attempted to transfer the money using the stolen security information. The accounts targeted were said to include those of Toshiba International, Nomura Asset Management, Mitsui OSK Lines and Sumitomo Chemical.

When the money did not transfer successfully they returned to the bank that afternoon for a second attempt. In total they attempted 21 transfers, the jury was heard.

Mr Farrell said: “When the bank staff returned to work on Monday it was clear something was wrong with their computers and the network cables had been taken out.”

The foreign bank accounts set up to receive the money had allegedly been organised by two British businessmen, Bernard Davies and Hugh Rodley. The men allegedly put up David Nash and Inger Malmros to front some of the companies and bank accounts set up to receive stolen funds. The court was told that Mr Rodley’s company Mediatel, based in Mayfair, was “inextricably linked” to other companies used in the attempt to transfer the money.

On the Sunday after the attempted transfer Mr Rodley and Mr Nash had sent a fax from a Cheltenham video-shop to the Emirates Bank in Dubai to find out if the funds had arrived. They then went to the Canary Islands, where they continued to try to retrieve the money, it was alleged.

Mr Rodley, 61, of Tewkesbury, Gloucestershire, Mr Nash, 47, of Durrington, West Sussex, and Mr Malmros, 58, of Sweden, deny conspiracy to defraud and conspiracy to transfer criminal property between January 1 and October 5, 2004. Mr Davies, 74, of Surrey, died before the trial began.

The trial continues.

They had a plan, they had the accomplices, and they had the will. What they didn’t have was a sense of “swift” heh. It seems that these guys may have been able to pull off the scam “if” they had not fubar’d the entry of one field in SWIFT a number of times. I do think though, that the hardest part would have been the liquidation/laundering of the money once they actually got to a bank to withdraw it.

You have to hand it to them though. They took the novel approach of physical penetration of the target to get in and install keyloggers as well as get them out again. Once again, had they not messed up the SWIFT, then no one would have been the wiser right off the bat. All in all not a bad plan, just poor follow through.

B+ for effort

F for follow through

A for creativity of the scam

Written by Krypt3ia

2009/01/22 at 22:50

Posted in Cyber, Infosec, Security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: