[ISN] Hackers Steal Russian Central Bank Transactions—- Paper

From: InfoSec News (isn@private)
Date: Wed Mar 30 2005 - 22:40:08 PST


http://www.mosnews.com/news/2005/03/30/stolentransactions.shtml

MosNews
30.03.2005 

Russian hackers have stolen the database of Central Bank transactions
from April 2003 to September 2004, the Vedomosti newspaper wrote on
Wednesday.

In February an advert appeared on the Internet offering copies of the
Russian Central Bank database detailing transactions over a period of
18 months. The database was offered for $800-1000, according to one of
those selling the information, the paper said. A month ago, the
database was selling at $1500-2000.

A representative of www.tschoice.com, currently unavailable, said the
database could not become a popular item because of the high price.  
The executive secretary of the Moscow government's Business Council
Information Market Security Commission, Oleg Yashin, was quoted by the
paper as saying there were several people selling the databases. The
transactions database is 60 gigabytes and is sold with a hard disk.  
Adverts says the database has detailed information on transactions:  
payers, addressees, banks and the payment purpose.

A database fragment bought by the paper for 1,500 rubles in a month
said the biggest payment of Vneshtorgbank in February 2004 (2.96
billion rubles) was made for a transfer of AvtoVAZ bonds. The paper
was unable to get information from AvtoVAZ. The information technology
director of Vneshtorgbank said the bank does not make deals it wants
to keep a secret, but "the appearance of such a database cannot but
disturb. I will put serious questions to the colleagues of the
agencies that are supposed to control data security."

The Central Bank Interregional Information Technology Center that
keeps data on bank transactions did not respond to the paper’s request
for comments on the reports. The Federal Finance Monitoring Service’s
press secretary said it does not have full information on
transactions.

The Russian Criminal Code stipulates a two-year prison term for
collecting secret banking or commercial information and three years
for the use of it. Illegal access to computer information can lead to
five years in prison.

Similar information on telephone users, mobile telephone users, and
wanted criminals has been sold in the past after computer databases
were also hacked.



_________________________________________
Network Security - http://www.auditmypc.com
Free vulnerability test - How secure is your computer?



This archive was generated by hypermail 2.1.3 : Thu Mar 31 2005 - 15:48:19 PST