Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Hackers Steal $6.7M In Bank Cyber Heist

Soulskill posted more than 2 years ago | from the not-nearly-as-dramatic-as-a-regular-heist dept.

Crime 91

Orome1 writes "A perfectly planned and coordinated bank robbery was executed during the first three days of the new year in Johannesburg, and left the targeted South African Postbank — part of the nation's Post Office service — with a loss of some $6.7 million. The cyber gang behind the heist was obviously very well informed about the post office's IT systems, and began preparing the ground for the heist a few months before, by opening accounts in post offices across the country and compromising an employee computer in the Rustenburg Post Office."

cancel ×

91 comments

Organized trolling campaign on Slashdot (-1, Offtopic)

Anonymous Coward | more than 2 years ago | (#38732210)

GreatBunzinni [slashdot.org] has been posting anonymous accusations [slashdot.org] listing a whole bunch of Slashdot accounts as being part of a marketing campaign for Microsoft, without any evidence. GreatBunzinni has accidentally outed himself [slashdot.org] as this anonymous poster.

Half the accounts he attacks don't even post pro-Microsoft rhetoric. The one thing they appear to have in common is that they have been critical of Google in the past. GreatBunzinni has been using multiple accounts to post these "shill" accusations, such as Galestar [slashdot.org] , NicknameOne [slashdot.org] , and flurp [slashdot.org]

That's not the problem. The problem is that moderators gave him +5 Informative and are now modding down the accused, even for legitimate posts. Metamoderation is supposed to address this by filtering out the bad moderators, but clearly it's not working.

This "shill" crap that has been flying around lately has to stop. It's restricting a variety of viewpoints from participating on the site and creating an echo chamber.

Re:Organized trolling campaign on Slashdot (1)

gweihir (88907) | more than 2 years ago | (#38732288)

And you expect credibility while posting as an AC and off-topic, why?

Re:Organized trolling campaign on Slashdot (3, Interesting)

alphatel (1450715) | more than 2 years ago | (#38732360)

He only expects further trolling, which has been granted.

Re:Organized trolling campaign on Slashdot (-1)

Anonymous Coward | more than 2 years ago | (#38732384)

And you expect credibility while posting as an AC and off-topic, why?

And you expect coons while posting as a Nigger and on-topic, why?

Re:Organized trolling campaign on Slashdot (-1, Troll)

GreatBunzinni (642500) | more than 2 years ago | (#38744580)

The people manipulating the bonch [slashdot.org] , SharkLaser [slashdot.org] and Overly Critical Guy [slashdot.org] are doing this as a reaction as a post I've made yesterday after I'd noticed this post [slashdot.org] showing that the bonch and Overly Critical Guy accounts are being used to paste the same PR script almost verbatim.

Once I've posted a message reiterating this, which you can find here [slashdot.org] , I started getting attacked throught the Overly Critical Guy account, as you can see in that post's followup discussions.

Once those accounts started getting flak for being outed as sockpuppet accounts employed to astroturf slashdot, the attacks directed at me were increased and started to be made through ACs, as you can see in this case. I've also noticed that in some discussions the first post has been none other than AC comments attacking me, just like this case, as you can see in this post. Also notice that the first message posted through the bonch account [slashdot.org] , which is the first post, was sent exactly at the same time that the slandering AC message was posted to that discussion.

Meanwhile, their assault campaign on me has backfired. Other users have chimed in and presented additional examples of how the bonch/SharkLaser/Overly Critical Guy accounts are being used to shovel the same astroturfing crap to slashdot, as seen in this discussion [slashdot.org]

It appears that now the people manipulating these sockpuppets are trying to muddy the waters, by accusing me of being a shill, sockpuppet or some other stuff. Maybe they are feeling the heat and intended to divert it towards the people who outed them, expecting that the backlash they are getting is enough to silence their critics.

Re:Organized trolling campaign on Slashdot (1, Interesting)

TheCouchPotatoFamine (628797) | more than 2 years ago | (#38732290)

Not sure if serious. he posted evidence, you just don't like it. Refute the claims.. oh wait you won't even post your name. great job.

Re:Organized trolling campaign on Slashdot (-1)

Anonymous Coward | more than 2 years ago | (#38732674)

Um, what evidence? It was just a list of names followed by a website link.

Re:Organized trolling campaign on Slashdot (1, Insightful)

TheCouchPotatoFamine (628797) | more than 2 years ago | (#38733044)

he clearly showed that Bonch and Overly Critical Guy had posts which were themes on the same base material. Certainly, a professional advertiser would use such a permutation. That's evidence enough for the court of slashdot... the burden of proof is yours, AC.

Re:Organized trolling campaign on Slashdot (0)

metrix007 (200091) | more than 2 years ago | (#38734126)

So fucking retarded. They both made points obvious to anyone holding that view. That fact that they hold the same view at an abstract level is not evidence that they are the same person or a shill. Unless most accounts on here are shills for Linus. Yeah, that works.

Re:Organized trolling campaign on Slashdot (1)

GameboyRMH (1153867) | more than 2 years ago | (#38741810)

They're both Apple fanboys, apart from that they have nothing in common. Bonch is one of the bloggers on MacJournal.

Re:Organized trolling campaign on Slashdot??? (0)

Anonymous Coward | more than 2 years ago | (#38732624)

Are we really supposed to believe that? Specially when you seem to have waited right there till the news item to come out to post this accusation?
Seriously? A first post with the exact time stamp as the news item, it undoubtedly seems that:
- you don't have anything else to do;
- hanging around on /. is your job description.

(posting as AC to avoid harassment)

Re:Organized trolling campaign on Slashdot (0)

Anonymous Coward | more than 2 years ago | (#38732646)

I think all of you need to settle it after 3 like school children are supposed to. I'm tired of all you idiots.

Re:Organized trolling campaign on Slashdot (0)

Anonymous Coward | more than 2 years ago | (#38732666)

Does any of it really matter? Those mod points are, in the end, worthless. Work your e-peen elsewhere that makes it look like you matter, like a aol chatroom.

Re:Organized trolling campaign on Slashdot (1)

NeutronCowboy (896098) | more than 2 years ago | (#38732690)

Go away, DCTech. Eat your down mods like the office drone that you are.

Conspiracies (0, Funny)

Anonymous Coward | more than 2 years ago | (#38732852)

I love conspiracies. I can't wait until the twist where Bonch and GreatBunzinni turn out to be the same person

Hi Bonch / Overly Critical Guy! (1, Informative)

Anonymous Coward | more than 2 years ago | (#38737220)

This "shill" crap that has been flying around lately has to stop.

such as Galestar, NicknameOne, and flurp

Oh, please. It is obvious that this crapflood is from bonch (== Overly Critical Guy) who has a problem with Galestar, NicknameOne, flurp, and GreatBunzinni.

bonch: The "shill" accusations flying around on Slashdot lately are getting out of control. [slashdot.org]
Overly Critical Guy: This isn't bonch... Aren't you Galestar/NicknameOne/flurp who replies to all his posts? [slashdot.org]

Overly Critical Guy: Hi, GreatBunzinni. How do I know it's you? ... This is not bonch.... Signed, NOT bonch [slashdot.org]

"This isn't bonch"? Ha ha. BUSTED!

bonch: Seamless experiences win out in the long term. We saw this when gaming moved from PCs to consoles in the 2000s, and it's happening now in the transition to the post-PC era. [slashdot.org]
Overly Critical Guy: Seamless experiences always win out over time. We saw it when gaming shifted from PCs to consoles, and now the industry is shifting from desktops to mobile devices. [slashdot.org]

Overly Critical Guy Android phones used to look like this [slashdot.org]
bonch: Android used to look like this [slashdot.org]

Overly Critical Guy: The keyboard looks exactly like Apple's flat keyboard, and the trackpad is the Magic Trackpad that Apple started offering a year or so ago [slashdot.org]
bonch: The keyboard looks just like Apple's flat keyboard introduced a few years ago, the trackpad is a clone of the Apple Trackpad. [slashdot.org]

bonch: A Slashdot employee recently told me that my comments generate more moderations than any he's ever seen. [slashdot.org] (yes, that is what happens when you mod your own troll posts up from multiple accounts.)

Re:Organized trolling campaign on Slashdot (-1, Troll)

Tsingi (870990) | more than 2 years ago | (#38737316)

Fuck off and die.

Now let's see the reports of their capture. (2, Insightful)

Anonymous Coward | more than 2 years ago | (#38732262)

It's not whether you can get into a bank, or even out of it, it's how long you can keep the money.

It will teach them to not have so many holidays I hope!

"compromising an employee computer" (4, Funny)

omganton (2554342) | more than 2 years ago | (#38732300)

"Hey, can I check my Facebook real quick?"

Surprised it took so long for somebody to do this (4, Interesting)

gweihir (88907) | more than 2 years ago | (#38732372)

I was part of a small team that described a pretty similar attack scenario to a customer almost 10 years back. It is no surprise at all that this worked and it would work in a lot of other places as well. The only really tricky part is coordinating the mules (and keeping them quiet) as you do not know how much money is available at each specific ATM. But you can guess by observing usage patterns (counting customers) and how often they are re-stocked.

Re:Surprised it took so long for somebody to do th (3, Informative)

NeutronCowboy (896098) | more than 2 years ago | (#38732706)

I'm much more surprised by the fact that they managed to take about 1% of the entire assets of the wanna-be bank. That's pretty disturbing - because that means that nothing was working right. Not their security, not their required privileges, not their fraud detection, nothing. Note to self: don't do business in SA.

honestly, this has probably happened in the USA (4, Interesting)

decora (1710862) | more than 2 years ago | (#38734560)

im guessing that the main reason it seems like an 'unusual south africa thing' is because US banks never, ever talk about this kind of thing.

partly out of embarassment, partly because the entire system is based on 'security through obscurity'.

----

of course, oblig. comment about how thousands of US banks failed in 2008/9/10 due to the CDO fraud system - which directly involved and benefited the ratings agencies. but its almost like nobody cares about that. they care about 5 million stolen from ATMs, but not about 2 trillion stolen from the taxpayers.

Re:honestly, this has probably happened in the USA (1)

OeLeWaPpErKe (412765) | more than 2 years ago | (#38735972)

Nearly every attack, most likely including this one, was an inside job.

Besides, every bank in the world that isn't American invests ridiculous amounts into security (and fails). American banks, well, they also fail. But American banks are pretty unique in that they will only invest a reasonable amount to prevent fraud going out of control. They will actually not go after every single instance of fraud.

Of course, one of the big screwups exploited this exact "weakness".

Re:Surprised it took so long for somebody to do th (0)

nroets (1463881) | more than 2 years ago | (#38735130)

... they managed to [loose] about 1% of the entire assets of the wanna-be bank.... Note to self: don't do business in SA.

The correct conclusion is that incompetent governments should not be involved in banking.

Re:Surprised it took so long for somebody to do th (2)

ArsenneLupin (766289) | more than 2 years ago | (#38735820)

The correct conclusion is that incompetent governments should not be involved in banking.

But incompetent corporations should?

Re:Surprised it took so long for somebody to do th (1)

Synerg1y (2169962) | more than 2 years ago | (#38742390)

But incompetent corporations should?

I think you meant: But incompetent corporations are?

Also, not sure about off-shore but in the states the government is not involved in the banks which are private entities for the most part, no idea about SA, but it doesn't seem so? lol

Re:Surprised it took so long for somebody to do th (2)

ArsenneLupin (766289) | more than 2 years ago | (#38735864)

I'm much more surprised by the fact that they managed to take about 1% of the entire assets of the wanna-be bank.

At least, that means that their ATMs were well-stocked for the long New Years' break. Around here they'd have run out of money on the second day...

GOD DAMN RUSKIES !! (0, Offtopic)

Anonymous Coward | more than 2 years ago | (#38732418)

Time to just nuke 'em all and be rid of the devil dogs once and for all !!

Re:GOD DAMN RUSKIES !! (2)

tomhath (637240) | more than 2 years ago | (#38732730)

Not to be pedantic, but "devil dogs" is a nickname for the United States Marines [wikipedia.org] .

Re:GOD DAMN RUSKIES !! (-1)

Anonymous Coward | more than 2 years ago | (#38733018)

Funnily, I know them as homo pussies.

Summary is wrong (4, Informative)

Smallpond (221300) | more than 2 years ago | (#38732442)

42m Rand is not 6.7m USD, it is more like 5.2m.

Re:Summary is wrong (3, Funny)

Anonymous Coward | more than 2 years ago | (#38732498)

Now just 4.3m, ... 5 minutes later
2.1m, ...
0.1m ...
now you are better off burning it for heat than trying to pay your bills with it ;)

Re:Summary is wrong (1)

Anonymous Coward | more than 2 years ago | (#38732590)

wrong African country.

Re:Summary is wrong (1)

PRMan (959735) | more than 2 years ago | (#38733558)

Where's my Mod points? That's seriously funny.

Re:Summary is wrong (4, Informative)

Formalin (1945560) | more than 2 years ago | (#38733880)

That's Zimbabwe. SA, while experiencing considerable inflation in the 90's, is reasonably stable now, and no where near the level of inflation in zimbabwe.

1 rand used to be worth around 1 USD, IIRC (apartheid era). inflation went up with political change, and by around 2000? it was 10 or so to a dollar, and is something like 6-7 these days. So 50-100% some years, less overall, which is bad... but not hyperinflation, where prices double in days or hours, instead of years (like in zimbabwe).

Re:Summary is wrong (2, Informative)

Anonymous Coward | more than 2 years ago | (#38734832)

and is something like 6-7 these days

1 U.S. dollar = 8.03322542 South African rands

42 million South African rands = 5.228286 million U.S. dollars

Good thing we're not on the internet, or it would look a little stupid to be making up numbers when there are perfectly good sources available.

Re:Summary is wrong (2)

HornWumpus (783565) | more than 2 years ago | (#38740912)

It is my understanding that Zimbabwe's currency has settled down to a value of 0. They use US$ now. Yes, they are printing them too.

Re:Summary is wrong (1)

acooks (663747) | more than 2 years ago | (#38742662)

I'm sure Zimbabwe would print USD if it could, but I doubt that it can.

  "...according to diplomats here, a German company, Giesecke and Devrient GmbH, prints about half of the government's currency and also supplies all of its banknote paper." - http://www.thedailybeast.com/newsweek/2008/07/01/where-the-money-isn-t.html [thedailybeast.com]

Re:Summary is wrong (1)

HornWumpus (783565) | more than 2 years ago | (#38749384)

I understand they aren't very good copies. The good copies are from N. Korea and Iran.

Re:Summary is wrong (-1)

Anonymous Coward | more than 2 years ago | (#38732978)

Who's to say they are referring to USD you insensitive clod.

Re:Summary is wrong (1)

powerlinekid (442532) | more than 2 years ago | (#38733020)

The $ sign in front of the 6.

Re:Summary is wrong (2)

ThatsMyNick (2004126) | more than 2 years ago | (#38733610)

Many countries use the $ sign you insensitive clod.

Re:Summary is wrong (1)

treeves (963993) | more than 2 years ago | (#38740904)

Many programmers (and Excel users!) use the $ sign you insensitive clod.

FTFY.

Seriously though, for currency, other than USD?
  Not if they want people to know what the hell they're talking about.

Re:Summary is wrong (3, Informative)

gstoddart (321705) | more than 2 years ago | (#38741040)

Seriously though, for currency, other than USD?
    Not if they want people to know what the hell they're talking about.

Have you ever been outside of the US? Or are you just talking out of your ass?

In Canada we have a dollar ... the symbol is the standard '$' used by most places that have currency they call dollars. There is no other symbol on the keyboard, the way you differentiate is something like "$100 CDN" -- and within Canada, we don't even do that.

If it wasn't SOPA protest blackout day, you could read a list [wikipedia.org] of places, but this [xe.com] will pretty much show you what is used. Almost 30 countries besides the US express their currency with the $ sign.

I'm afraid if you're claiming that only the US dollar is described using the $ sign you're completely mistaken ... because it's a pretty widespread symbol.

Re:Summary is wrong (1)

powerlinekid (442532) | more than 2 years ago | (#38742140)

Sorry but nobody outside of Canada is going to convert the currency of South Africa to the currency of Canada to clarify the amount of money stolen. It is quite obvious that the use of $ meant USD, just like it does 95% of the time on the internet. If you want to have hurt feelings, go right on ahead.

Re:Summary is wrong (1)

gstoddart (321705) | more than 2 years ago | (#38742346)

It is quite obvious that the use of $ meant USD, just like it does 95% of the time on the internet. If you want to have hurt feelings, go right on ahead.

The poster asserted that nobody ever uses the $ sign to represent anything but US dollars, which is clearly false. All I'm saying.

Re:Summary is wrong (1)

treeves (963993) | more than 2 years ago | (#38742544)

If you're referring to me, that's not what I said.
I said if they want others to know what they mean, they don't.
(e.g. if they post "$6.00" on Slashdot, a US-based website, and expect readers to understand they mean $6 CDN, they are foolish).
And yes, I've been outside the US: UK, Hong Kong, Africa, Japan... and yes, even Canada.

Re:Summary is wrong (0)

Anonymous Coward | more than 2 years ago | (#38733694)

Wow, I hope thats a joke, otherwise your US-centric view is atrocious.

Re:Summary is wrong (1)

ciderbrew (1860166) | more than 2 years ago | (#38738452)

Well in the UK I'd rather have dollars. I'm sick of seeing a price for something on the net in the US and it costs $300 and when you look at the UK site and it costs £300 (or more). I'm happy to swap signs over as and when needed.

Re:Summary is wrong (1)

powerlinekid (442532) | more than 2 years ago | (#38742100)

Contextually speaking how many of those other currencies would realistically be the intent of the $ in front of this figure? I am aware other countries use the $ symbol however it is completely pointless to create an article where you convert the South Africa currency to Canadian. It is very obvious, even to the worst pedantic, that they were talking USD.

Re:Summary is wrong (1)

borrrden (2014802) | more than 2 years ago | (#38736742)

Good point! It actually works out to nearly exactly 6.7 million Singapore dollars

Re:Summary is wrong (1)

Everything Else Was (786676) | more than 2 years ago | (#38733968)

But it is about 6.7m Brunei dollars, or New Zealand dollars... or Singapore dollars.

Re:Summary is wrong (1)

ThatsNotPudding (1045640) | more than 2 years ago | (#38740464)

42m Rand is not 6.7m USD, it is more like 5.2m.

And no doubt falling like a stone on this news.

That's nothing (5, Insightful)

midtowng (2541986) | more than 2 years ago | (#38732512)

Wall Street CEO's have been stealing much larger amounts from their own banks for years.

FTFY (3, Interesting)

drainbramage (588291) | more than 2 years ago | (#38732866)

Politicians have been stealing much larger amounts for years.

Re:FTFY (1)

Anonymous Coward | more than 2 years ago | (#38732946)

They're in it together, in case you haven't noticed.

Re:That's nothing (0)

Anonymous Coward | more than 2 years ago | (#38737906)

Pics or it didn't happen

How possible is it that it was an inside job? (1)

bogaboga (793279) | more than 2 years ago | (#38732554)

How could an investigation rule out a possible inside job? These hackers are pretty good at covering their tracks.

One of the many clever ways they employed in one heist, was to run malicious code that incapacitated random parts of the system once it detected that it was itself under some kind of detection or surveillance. Clever indeed.

Re:How possible is it that it was an inside job? (4, Insightful)

nothajan (2457380) | more than 2 years ago | (#38733692)

How could an investigation rule out a possible inside job?

In Soviet Russia, inside job rules out possible investigation.

is your (-1)

Anonymous Coward | more than 2 years ago | (#38732670)

mattress looking better and better now, puppies?

And terrorists thank you for running windows (0, Redundant)

WindBourne (631190) | more than 2 years ago | (#38733094)

When will idiots understand that windows is the best friends of terrorist and criminals? So many claim that it is cheap to run, but they NEVER take into account things like this. WHy? Because the costs are externalized. Insurance companies need to get a clue and start jacking up their prices for companies that run insecure systems like Windows.

Re:And terrorists thank you for running windows (1)

KhabaLox (1906148) | more than 2 years ago | (#38733948)

I only skimmed the article, but didn't see a reference to OS. How do you know what their architecture is?

Re:And terrorists thank you for running windows (3, Informative)

WindBourne (631190) | more than 2 years ago | (#38734088)

http://toolbar.netcraft.com/site_report?url=http://www.postbank.co.za [netcraft.com]
And to back it up

....$telnet www.postbank.co.za 80
Trying 165.8.13.24...
Connected to www.postbank.co.za.
Escape character is '^]'.
GET / HTTP/1.0

HTTP/1.1 404 Not Found
Content-Length: 1635
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Wed, 18 Jan 2012 03:35:38 GMT
Connection: close


The page cannot be found
....

Anybody running windows on their website is highly likely running it inside.

Re:And terrorists thank you for running windows (0)

Anonymous Coward | more than 2 years ago | (#38734364)

Yes, yes, I see, do go on. And for how long have you been labouring under the delusion that you know anything remotely connected to enterprise computing?

Do yourself a favour - don't give up your day job, unless it's something like computer forensics, or anything to do with computers at all, really, in which case change your career quickly before whoever hired you figures out their mistake.

Re:And terrorists thank you for running windows (2)

zoloto (586738) | more than 2 years ago | (#38734418)

I do this with my web servers. Make them report as if they were IIS while it's really apache or lighttpd.

Re:And terrorists thank you for running windows (2)

ArsenneLupin (766289) | more than 2 years ago | (#38735832)

I do this with my web servers. Make them report as if they were IIS while it's really apache or lighttpd.

I do this too... and then check my logs for attempted exploits which I can use against real IIS and ASP sites...

Re:And terrorists thank you for running windows (1)

WindBourne (631190) | more than 2 years ago | (#38737488)

Yes, some companies like walmart do this. but how many do this? Few. Very few. I would be shocked if it was 2% of all reporting as IIS were faked.

Re:And terrorists thank you for running windows (1)

kiwimate (458274) | more than 2 years ago | (#38734488)

Anybody running windows on their website is highly likely running it inside.

If you're saying they're likely running it inside in some capacity, agreed. If you're arguing that running your public website on IIS automatically implies you're running all your core business processes on Windows, that's a heck of a stretch. I've never come across a business that's entirely homogeneous.

Re:And terrorists thank you for running windows (2)

WindBourne (631190) | more than 2 years ago | (#38737566)

I agree that running windows on IIS does not mean that all of their inside processes are on windows. However, as a contractor, I have seen that if a company runs non-windows on their front-end, than their back end is most likely close to 100% non-windows with the possible exception of desktops. But even those will be locked down fairly tightly.

But, when companies run IIS on the front-end, then their process servers will very likely be heavily into windows. Their DB may actually be oracle on sun, mainframe, or something else. However, what is important, are the desktops or process servers since they are normally the cracked items.

Re:And terrorists thank you for running windows (2)

GillyGuthrie (1515855) | more than 2 years ago | (#38734244)

Wow, I wish I had mod points so I could mod parent "Flamebait."

When will idiots understand that windows is the best friends of terrorist and criminals?

With an opening statement like that, all the following dialogue is rendered irrelevant.

Re:And terrorists thank you for running windows (0)

Anonymous Coward | more than 2 years ago | (#38736136)

You don't mess with Microcrap winders here or you will be modded down here. Welcome to the new slashdork, with idle and all...

And of course TFA doesn't mention any OS names as it is of course completely irrelevant... or is it?

Why not just "bank robbers"? (2)

Alimony Pakhdan (1855364) | more than 2 years ago | (#38733346)

I could understand the mass media using the word "hackers" here but /. should know better. These guys are just bank robbers and we dont differentiate between bank robbers who use handguns vs those with knives vs those who claim to have a bomb strapped to them.

Re:Why not just "bank robbers"? (1)

Culture20 (968837) | more than 2 years ago | (#38737318)

I could understand the mass media using the word "hackers" here but /. should know better. These guys are just bank robbers and we dont differentiate between bank robbers who use handguns vs those with knives vs those who claim to have a bomb strapped to them.

Sure we do: "masked gunmen held up", "'pizza bomber' bank robber", "mad bomber bank robbery", and bank robbers who use knives are called stupid unless they have a whole gang.

money mules had no problem (0)

Anonymous Coward | more than 2 years ago | (#38733538)

"stopping completely when the offices were opened again on January 3" ...and returning to their jobs at the post

Not the first time in SA (1)

Dan B. (20610) | more than 2 years ago | (#38733600)

This isn't the first "cyber heist" in South Africa, just the first one to make the news.

Seriously, though, criminals realised long ago that you can steal more electronically than you can carry in a 'traditional' heist. Just look at the Russian's and their level of organised e-crime!

Re:Not the first time in SA (1)

Magada (741361) | more than 2 years ago | (#38736332)

Stand by for the outlawing of cash. Any fraudulent cash transactions could then be reversed at will. Moving product stolen with funnymoney is much harder

Dear Mr. South African Postbank Postmaster General (5, Funny)

slas6654 (996022) | more than 2 years ago | (#38733964)

My very wealthy American uncle, who was the American consulate attache to Guyana, recently passed away. While we are very sad for his passing, he has left a great fortune in the Bank of Amerika that, unfortunately, cannot be transferred back to Guyana without completing the probate process. Since my wealthy American Uncle (Sam was his name) was too big to fail (er I mean die), I stand to inherit a great deal of wealth. I will gladly share with you this windfall at the Bank of Guyana if you will help me complete the probate. If you will kindly Paypal 52m Rand to help defray the cost of the probate, I will in turn send you 52billion US dollars. Please respond in confidence to my email address: Angelo.Mozilo@Countrywide.com.

Fall Guy? (0)

Anonymous Coward | more than 2 years ago | (#38734116)

"The investigation will hopefully reveal whether the backdoor into the compromised computer was installed by the employee unwittingly or whether the employee was recruited by the gang to allow them access." I would not want to be that employee!

"Hi, this is Jo from I.T...." (1)

jampola (1994582) | more than 2 years ago | (#38734648)

This sounds like more of a case of social engineering rather than hacking.

I am pretty sure their Systems Analysts and Programmers will cop most of the shit that is coming for what I predict is some stupid emplyees fault. "Yes, what can I do for you Jo?"

I could be wrong, but that's my take.

...sigh... and they worked SO hard on the book. (4, Interesting)

Shadowruni (929010) | more than 2 years ago | (#38734672)

Read "Stealing the Network: How to own a Continent"

The whole book is this heist.

Literally.

Just check out the summary.

The thing that makes this book series special is that they don't say, "I ran nmap and knew from the output they were running a webserver."

They say "I ran nmap with 'sudo nmap -P0 -T3 -p 80 127.0.0.1 -oA localscan'

And got:

Starting Nmap 5.21 ( http://nmap.org/ [nmap.org] ) at 2012-01-17 20:55 PST Nmap scan report for localhost (127.0.0.1) Host is up (0.000083s latency). PORT STATE SERVICE 80/tcp open http Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds And could see from the line "80/tcp open http"

http://www.amazon.com/Stealing-Network-How-Own-Continent/dp/1931836051 [amazon.com]

//Has the whole series and still remembers the props I got from Blue bore.

///Yes I know the example is a bit contrived but that is exactly how they present information in the series and I learned a lot from it.

Apparently they are also operating a CA (2)

ArsenneLupin (766289) | more than 2 years ago | (#38735854)

From the second link:

Asked if there were concerns about the risk the security breach posed to government departments using the Trust Centre hosted by the post office...

If that's what I think it is, look forward to another wave of MITM-facilitating rogue certificates, this time from South Africa...

, Pule said: "The centre has high security parameters to protect all the services delivered through it."

oh, after that much buzz-word laden alphabet soup, I feel so much better. Hopefully their flux capacitors are fully charged or else there high security parameters might unload.

Re:Apparently they are also operating a CA (1)

psydeshow (154300) | more than 2 years ago | (#38740496)

From the second link:

, Pule said: "The centre has high security parameters to protect all the services delivered through it."

They were originally considering the low and medium security parameters as well. Unfortunately, the chairman of the board demanded only the highest security, so they only implemented that. Such a shame, because now the low and medium parameters are completely unsecured.

Alternative (0)

Anonymous Coward | more than 2 years ago | (#38736124)

At least the criminals are not blowing up ATM's (while people are there) or money vans (on busy highway), and not rushing into a local supermarket armed with AK-47's - as is the case often across johannesburg, where I live :-)

ATM bombings (0)

Anonymous Coward | more than 2 years ago | (#38736266)

http://www.youtube.com/watch?v=XIizDImrzHI [youtube.com] Video of ATM bombings which is also epidemic in South Africa.

This is not a mundane detail Michael! (2)

antifoidulus (807088) | more than 2 years ago | (#38736620)

Are they sure it wasn't just a penny rounding scheme gone terribly awry?

Re:This is not a mundane detail Michael! (0)

Anonymous Coward | more than 2 years ago | (#38737076)

I must have put a decimal point in the wrong place or something.

No problem.. (1)

3seas (184403) | more than 2 years ago | (#38737036)

Since Money is just an abstract representation of value that only works as well as the agreed use by those using it, so to ease trade (vs. barter) and in this case its wasn't even paper or coin, they can type the numbers back into the system, like it was never gone. And this would be far from the first or last time the banksters do this.

This idea that to much of this abstract tool in circulation leads to inflation is bull shit, just and excuse of the banksters to play their game of manipulating the economies. Take enough money out of circulation and things crash (as would a car lacking oil) and here is where the banksters then buy properties and other real value up at pennies on the dollar. Then they put money back into circulation and build public confidence to the point of high consumer spending..... Rinse and repeat.

And now you know the game being played by the few at the top of the banksters criminal organization.

Oceans 14? (2)

hesaigo999ca (786966) | more than 2 years ago | (#38737048)

Is this the one where George sets up a house to be tilted, no wait, that was the second?
Oh yeah, ok, they rent a whole bunch of small mini coopers and.....nope...
Ok, I got it....she has to go under all the infrareds and slowly stealth her way through to the .....

Ok, nevermind, I think I am overloaded as it is...movin on....nothin I want to see here.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...