[ISN] Alleged $9 Million Hacking Ring Exposed

From: InfoSec News <alerts_at_private>
Date: Thu, 12 Nov 2009 00:20:10 -0600 (CST)
http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=221601198

By Tim Wilson
DarkReading
Nov 11, 2009

A group of alleged hackers from Eastern Europe has been indicted on 
charges of hacking into a computer network operated by the Atlanta-based 
credit card processing company RBS WorldPay, which is part of the Royal 
Bank of Scotland.

Eight individuals, mostly from Russia and Estonia, have been charged. 
The 16-count indictment charges four of the defendants with conspiracy 
to commit wire fraud, wire fraud, conspiracy to commit computer fraud, 
computer fraud, access device fraud, and aggravated identity theft.

The indictment alleges the group used sophisticated hacking techniques 
to compromise the data encryption that was used by RBS WorldPay to 
protect customer data on payroll debit cards. Payroll debit cards are 
used by various companies to pay their employees. By using a payroll 
debit card, employees are able to withdraw their regular salaries from 
an ATM.

Once the encryption on the card processing system was compromised, the 
hacking ring allegedly raised the account limits on compromised 
accounts, and then provided a network of "cashers" with 44 counterfeit 
payroll debit cards, which were used to withdraw more than $9 million 
from more than 2,100 ATMs in at least 280 cities worldwide, including 
cities in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, 
Japan, and Canada. The $9 million loss occurred within a span of less 
than 12 hours.

The hackers then allegedly sought to destroy data stored on the card 
processing network in order to conceal their hacking activity. The 
indictment alleges that the "cashers" were allowed to keep 30 to 50 
percent of the stolen funds, but transmitted the bulk of those funds 
back to the defendants. Upon discovering the unauthorized activity, RBS 
WorldPay immediately reported the breach.

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org
Received on Wed Nov 11 2009 - 22:20:10 PST

This archive was generated by hypermail 2.2.0 : Wed Nov 11 2009 - 22:27:38 PST