Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

ATMs Compromised, $45M Taken

Soulskill posted about a year and a half ago | from the designed-for-redundancy-not-security dept.

The Almighty Buck 196

An anonymous reader sends this news from the Associated Press: "A worldwide gang of criminals stole a total of $45 million in a matter of hours by hacking their way into a database of prepaid debit cards and then draining cash machines around the globe, federal prosecutors said Thursday. ... Here’s how it worked: Hackers got into bank databases, eliminated withdrawal limits on prepaid-debit cards and created access codes. Others loaded that data onto any plastic card with a magnetic stripe — an old hotel key card or an expired credit card worked fine as long as it carried the account data and correct access codes."

Sorry! There are no comments related to the filter you selected.

I wonder how much was skimmed by the bag men (4, Insightful)

gatkinso (15975) | about a year and a half ago | (#43683847)

I mean, can you really trust that some guy half way around the world is going to turn over the cash he just stole for you?

Re:I wonder how much was skimmed by the bag men (2)

Budgreen (561093) | about a year and a half ago | (#43683869)

by fear... yes.

Re:I wonder how much was skimmed by the bag men (1)

gatkinso (15975) | about a year and a half ago | (#43683893)

Of course. Here is the $10,000 I stole for you. (pockets $50,000)

Re:I wonder how much was skimmed by the bag men (5, Insightful)

Anonymous Coward | about a year and a half ago | (#43684045)

They had the bank's database, its possible that they could tell pretty easily exactly how much they had withdrawn.

Re:I wonder how much was skimmed by the bag men (0)

Anonymous Coward | about a year and a half ago | (#43684117)

Of course. Because you returned them yourself I won't kill you, just snip a finger for those $10,000. So, surely you're not hiding anything else?

Re:I wonder how much was skimmed by the bag men (2)

slashdyke (873156) | about a year and a half ago | (#43683897)

Hey, if some guy around the world stole for me and skimmed a little off the top, would I care too much if I received $30,000,000 instead of the $35,000,000 I was thinking I would receive? Then there is the flip side... With all the money the banks have lost in recent years, forcing foreclosures, lost jobs, and so forth, maybe it was not so much that the guys "at the top" got the money, but that the banks lost it. What was their intention? Get rich, or rob from the rich?

Re:I wonder how much was skimmed by the bag men (4, Funny)

Joce640k (829181) | about a year and a half ago | (#43683971)

Hey, if some guy around the world stole for me and skimmed a little off the top, would I care too much if I received $30,000,000 instead of the $35,000,000 I was thinking I would receive?

Don't give up your day job and go into drug dealing, it won't work out for you.

Re:I wonder how much was skimmed by the bag men (4, Funny)

slashdyke (873156) | about a year and a half ago | (#43683999)

Not to worry. I was not planning to.

Re:I wonder how much was skimmed by the bag men (0)

Anonymous Coward | about a year and a half ago | (#43684065)

This is the best advice I have heard in a long time! Thank you!

Re:I wonder how much was skimmed by the bag men (-1)

Anonymous Coward | about a year and a half ago | (#43684259)

I was a drug dealer once, but then I took an arrow to the knee.

Re:I wonder how much was skimmed by the bag men (2)

gl4ss (559668) | about a year and a half ago | (#43685195)

Hey, if some guy around the world stole for me and skimmed a little off the top, would I care too much if I received $30,000,000 instead of the $35,000,000 I was thinking I would receive?

Don't give up your day job and go into drug dealing, it won't work out for you.

this is pretty a different enterprise than drug dealing, so having to care about someone taking off from the deal doesn't matter as much, it all scales and the reason why they would pay and not keep everything is to keep receiving cc numbers sometimes in the future - and in part they work for clicks and the click needs to keep it's connection to the next level ok.

Re:I wonder how much was skimmed by the bag men (2)

thomasw_lrd (1203850) | about a year and a half ago | (#43685135)

They stole prepaid debit card numbers. They did not steal from the rich, they stole from the poor. This isn't a gang of Robin Hoods, but a gang of Jesse James's (?).

Re:I wonder how much was skimmed by the bag men (1)

Anonymous Coward | about a year and a half ago | (#43683955)

To some extent by greed , if you have issued him with x numbers of accounts you would expect a return of y amont of cash.

If this dosnt happen you would not include him in the next round of account numbers and if you had the connections send some of the local boys around to discuss the matter with them over tea and cakes.

Re:I wonder how much was skimmed by the bag men (5, Informative)

Anonymous Coward | about a year and a half ago | (#43683981)

They did "discuss"

  Mr. Lajud-Peña fled the United States just as the authorities were starting to make arrests of members of his crew, the law enforcement official said.

On April 27, according to news reports from the Dominican Republic, two hooded gunmen stormed a house where he was playing dominoes and began shooting. A manila envelope containing about $100,000 in cash remained untouched.

Re:I wonder how much was skimmed by the bag men (1)

Anonymous Coward | about a year and a half ago | (#43683961)

I mean, can you really trust that some guy half way around the world is going to turn over the cash he just stole for you?

Mr. Lajud-Peña fled the United States just as the authorities were starting to make arrests of members of his crew, the law enforcement official said.

On April 27, according to news reports from the Dominican Republic, two hooded gunmen stormed a house where he was playing dominoes and began shooting. A manila envelope containing about $100,000 in cash remained untouched.

Re:I wonder how much was skimmed by the bag men (1)

Anonymous Coward | about a year and a half ago | (#43684013)

I mean, can you really trust that some guy half way around the world is going to turn over the cash he just stole for you?

Yes, I think so. According to the article, the guys in charge were watching and knew exactly how much money the street crews were withdrawing: "While the street crews were taking money out of bank machines, the computer experts were watching the financial transactions from afar, ensuring that they would not be shortchanged on their cut."

I'm not sure how they enforced the cash handover, but presumably a criminal organization capable of mounting a coordinated international operation would know how to do that.

Re:I wonder how much was skimmed by the bag men (1)

RobertLTux (260313) | about a year and a half ago | (#43684151)

thats an solved problem since all they would have to do is have the members of a Sicilian* Debate Team have a "forceful chat" with the street guys as to the extent of their "cut".

* please note you can substitute Northern Irish, Japanese and Russian here as required

Re:I wonder how much was skimmed by the bag men (1)

Anonymous Coward | about a year and a half ago | (#43684337)

I mean, can you really trust that some guy half way around the world is going to turn over the cash he just stole for you?

You sell the card info and PIN's, right? Like, this is the information for a $500 prepaid Visa, want to buy it for $20?

Re:I wonder how much was skimmed by the bag men (1)

egcagrac0 (1410377) | about a year and a half ago | (#43685037)

That's a lousy return. I wouldn't want 4 cents on the dollar.

You do better to hire a crew of operators and instruct them to find an ATM, withdraw $500, and give you $400, and never talk to you again. (That's 80 cents on the dollar, and that's not even good.)

Fractional reserve banking (1)

Errol backfiring (1280012) | about a year and a half ago | (#43685109)

That is an interesting one. As far as I understand it, they did not steal from individuals, but from the bank. Off course this is the same as grabbing from someone else's savings, but so is fractional reserve banking. So in a way, if your bank does it, it is normal, if someone else does it, all of a sudden it is criminal.

Why wouldn't they work? (0)

Anonymous Coward | about a year and a half ago | (#43683871)

Why wouldn't an Old Hotel card with a mag stripe work if it had the info the reader was expecting? I mean it's interesting that it worked, but why is that of note?

Re:Why wouldn't they work? (3, Funny)

TheCRAIGGERS (909877) | about a year and a half ago | (#43684055)

Welcome to Slashdot Summaries, where the grammar is bad and the content mostly random.

Re:Why wouldn't they work? (0)

Anonymous Coward | about a year and a half ago | (#43684165)

Chat site with news deviant? Oh wait, that's Slashdot Japan.

Re:Why wouldn't they work? (5, Funny)

Anonymous Coward | about a year and a half ago | (#43684297)

Welcome to Slashdot: Where everything's made up, and the mod points don't matter.

Re:Why wouldn't they work? (1)

fustakrakich (1673220) | about a year and a half ago | (#43685103)

Sounds like a good encryption scheme. Even two million slashdotters can't break the code.

Re:Why wouldn't they work? (1)

Bill, Shooter of Bul (629286) | about a year and a half ago | (#43684089)

I think they are trying to emphasis that the thieves only needed to fool the machines with a card that could easily be detected by the average joe as fake. Its pretty obvious fact. Its stupid news reporting. Local news does it all the time: " Woman who died choking on hot dog did not expect to die watching a baseball game, in fact none of us do either!"

Re:Why wouldn't they work? (5, Informative)

Anonymous Coward | about a year and a half ago | (#43684099)

Why wouldn't an Old Hotel card with a mag stripe work if it had the info the reader was expecting? I mean it's interesting that it worked, but why is that of note?

Because a lot of people don't understand that a mag strip is a mag strip, regardless of what piece of plastic it's connected to. There's an opportunity here to talk about how some types of chipped cards can prevent this type of easy duplication, but they missed it.

Re:Why wouldn't they work? (4, Funny)

Frankie70 (803801) | about a year and a half ago | (#43684209)

I mean it's interesting that it worked, but why is that of note?

If it's not of note, then why is it interesting?

Re:Why wouldn't they work? (0)

ArcadeMan (2766669) | about a year and a half ago | (#43684505)

If it's not interesting, would it have worked?

Re:Why wouldn't they work? (1)

Frankie70 (803801) | about a year and a half ago | (#43685145)

If it wouldn't have worked, would it have been interesting?

Like they say: (1)

VortexCortex (1117377) | about a year and a half ago | (#43683885)

"Hack The Paynet!"

Re:Like they say: (0)

skids (119237) | about a year and a half ago | (#43684467)

It does give a new meaning to the term "Flash Mob"

Afterwards.... (4, Funny)

TheCRAIGGERS (909877) | about a year and a half ago | (#43683909)

And then they all hoped into their Mini Coopers and drove off into the sunset, leaving a stream of bills fluttering in the wind.

Re:Afterwards.... (2)

Chris Mattern (191822) | about a year and a half ago | (#43684095)

Bah. Any true thief makes bill-trailing getaway in a Fiat 500. [blogspot.com]

Re:Afterwards.... (0)

Anonymous Coward | about a year and a half ago | (#43684545)

Goat bills?!

Who pays? (1)

Anonymous Coward | about a year and a half ago | (#43683913)

I do. And you. Who is at fault? The banks and CC companies. How happy am I with banks? Not very.

Re:Who pays? (1)

deKernel (65640) | about a year and a half ago | (#43684129)

Well, if they are prepaid cards then the financial entity which are the two banks are on the hook for the money. Visa or MasterCard have nothing to do with this other than maybe the routed the requests to the banks for authentication.

Re:Who pays? (4, Insightful)

alexander_686 (957440) | about a year and a half ago | (#43684537)

What I think AC is trying to say is that yes, the banks are on the hook for the funds. Having lost the money the banks will try to make up for it by raising fees and interest, so it all tricks back down to the consumer.

Re:Who pays? (1)

umghhh (965931) | about a year and a half ago | (#43685031)

If your bank cannot do it right it does what most of western states also do - borrow in a hope the money to cover the costs will be earned later.

If them banks do it right - the cost of service is on you as a customer just as profit of the company is. If they have no profit and/or do not pay for services they need to keep your money safe and buy insurance to pay for losses if things go wrong etc then you have a good chance of being parted from your money anyway.

The question here is: which banks were they the ones that saved on all but salaries of directors or the ones that tried and failed to protect their business.

I just wonder - were insider help needed there? TFA seems to believe the hacking crew had a clear access into finance systems - so it is not little identity theft, was it possible without any insider? If so then another interesting question/issue can be: states like Germany feel free to bribe anybody who wants to take money and sell secrete data of banks all over the place - the socialists that specialize in this art of 'investigation' claim that if not tax evasion there would be no financial problems in the country but I digress. If I were a bank clerk with access to some fat financial data DB I would consider working with German tax office but in lack of its interest I would cooperate hackers too. I think they will strike again - there is a good reason why the chief of NY street crew was shot dead I guess - the hand is off but the head may still be free and working on a better plan....

Surely this sort of thing is better than Bitcoin. (-1)

Anonymous Coward | about a year and a half ago | (#43683927)

More safe and less problematic, totally something you can trust.
And most importantly doesn't have inflation.
Vote for $!!!!!

Re: Surely this sort of thing is better than Bitco (1, Insightful)

bondsbw (888959) | about a year and a half ago | (#43684135)

The problem is that if Bitcoin takes off, banks will still treat it like regular currency. Once you make a deposit, the bank will add it to a pool, and withdrawals will come from that pool. Your account holdings will still be a decimal formatted number in a database somewhere.

Banks and creditors need a new transaction system built on cryptography, single use keys, and enhanced by Internet connectivity, to protect their customers. And they needed it yesterday.

Re: Surely this sort of thing is better than Bitco (3, Informative)

Anonymous Coward | about a year and a half ago | (#43684393)

Except that you don't need a bank just to keep your money in with bitcoin.
The money is stored in the transactions that are in the block chain and replicated everywhere.
You just need to store the private key that signed those transactions to be able to "spend" that money.

You don't need a bank, you just need to be able to store a few hundred bytes of data to prove the bitcoins are yours.

Re: Surely this sort of thing is better than Bitco (1)

Anonymous Coward | about a year and a half ago | (#43684423)

Nearly correct.

We the people need a new transaction system built on cryptography, single use keys, and enhanced by Internet connectivity that does not involve banksters having any part of !

Banks were a good idea when they needed fortified properties and guards to protect the actual gold. Now that money is simply a set of 1's and 0's in a comuter they are no longer required.

Re: Surely this sort of thing is better than Bitco (1)

Meneth (872868) | about a year and a half ago | (#43684539)

The problem is that if Bitcoin takes off, banks will still treat it like regular currency. Once you make a deposit, the bank will add it to a pool, and withdrawals will come from that pool. Your account holdings will still be a decimal formatted number in a database somewhere.

Not with Bitcoin. Sure, they could use a pool, but that wouldn't do them any good.

The reason for the pool is called Fractional reserve banking [wikipedia.org] , and that's impossible to do with Bitcoin.

Re: Surely this sort of thing is better than Bitco (3, Insightful)

Procrasti (459372) | about a year and a half ago | (#43685011)

Could you please explain how this is impossible with Bitcoin?

The banks were doing it back in the days of gold. They held a vault full of gold and kept an account of who owned what gold on a ledger. Then they lent out some of that gold, or rather, they lent out notes for gold which they still kept in the vault, in fact, they lent out more gold than they actually had in the vault. This works fine as long as the number of people withdrawing real gold from the vaults doesn't exceed deposits.

There is no reason they can't run a fractional reserve system with bitcoin. Of course the bank's bitcoin holdings will be stored in the bitcoin transaction log, but their customer accounts valued in bitcoins will be stored in an entirely different log altogether, a log held by the bank.

Do you think that bitcoins traded on MtGox are recorded in the bitcoin transaction log too? Then you do not understand either bitcoin or finance. No, the only transactions in the bitcoin log are for deposits or withdrawals too and from MtGox... MtGox tracks your holdings completely separately.

While I think bitcoin is a great idea, not being able to run a fractional reserve lending system based on them is not one of its advantages. Infact, when they go mainstream, I think this is inevitable. The virtual supply of bitcoins (held by depositors in bank accounts) will then be far greater than the actual supply limit of 21M bitcoins recorded in the bitcoin log.

This is no different to the fact that the amount of money sitting in bank accounts now far exceeds the amount of money that exists in actual currency. You've just come to think of them as being the same thing. They are not.

Ocean's eleven (3, Insightful)

vikingpower (768921) | about a year and a half ago | (#43683931)

Media all around the world are comparing this heist to Ocean's Eleven. Funny, but prolly not the first time that a movie yields the cultural background material for understanding viz. interpreting a crime...

honeypasswords? (1)

Anonymous Coward | about a year and a half ago | (#43684027)

now think again about the article a couple days back about false accounts that just flag intrusion warnings.

They got into the banks computer somehow and were undetected. Those accounts are just another way to possibly detect intrusion.

Re:honeypasswords? (4, Interesting)

Qzukk (229616) | about a year and a half ago | (#43684109)

Since the cards were used to steal directly from the bank and they've got no place to chargeback to like they usually do to cover their losses due to their insecurity, I wonder if we'll finally see a sudden outbreak of security from the banks.

Re:honeypasswords? (4, Interesting)

Pinky's Brain (1158667) | about a year and a half ago | (#43684279)

They already have huge losses from skimming to make them care about security, it was probably an inside job ... they usually are.

Re:honeypasswords? (4, Insightful)

bws111 (1216812) | about a year and a half ago | (#43684289)

It comes down to which costs more: fixing the security problems, or losses due to security problems. My guess is that fixing the security problems would cost far more, so don't think anything is going to change.

Petty thieves (5, Insightful)

140Mandak262Jamuna (970587) | about a year and a half ago | (#43684047)

This is not how bank fraud should be done. The right and proper way is to become too big to fail, to big to jail, rig the LIBOR rates, create systematic rigging, award oneself huge salaries and bonuses, threaten worldwide economic collapse, hold governments to ransom and get huge bail out money. The master criminals running the banks are dismayed by petty criminals stealing from them.

Re:Petty thieves (3, Funny)

TrentTheThief (118302) | about a year and a half ago | (#43684317)

Oh, lord, that was good. I wish I could give you an up-vote or something.

Would you accept this old hotel swipe card as a token of my esteem? It should work in any ATM.

Re:Petty thieves (3, Insightful)

Overzeetop (214511) | about a year and a half ago | (#43684363)

Seriously. Isn't this "heist" considered rounding error for financial CEO bonuses?

Re:Petty thieves (5, Interesting)

dkleinsc (563838) | about a year and a half ago | (#43684375)

You left out foreclosing on homes without the legal right to do so, laundering drug money, trading with Iran and other enemies of the country you're based on, and of course occasionally paying off regulators to help get away with it all. But then again, banks committing serious crimes is nothing new. As Major General Smedley Butler argued:

I spent 33 years and four months in active military service and during that period I spent most of my time as a high class muscle man for Big Business, for Wall Street and the bankers. In short, I was a racketeer, a gangster for capitalism. I helped make Mexico and especially Tampico safe for American oil interests in 1914. I helped make Haiti and Cuba a decent place for the National City Bank boys to collect revenues in. I helped in the raping of half a dozen Central American republics for the benefit of Wall Street. I helped purify Nicaragua for the International Banking House of Brown Brothers in 1902-1912. I brought light to the Dominican Republic for the American sugar interests in 1916. I helped make Honduras right for the American fruit companies in 1903. In China in 1927 I helped see to it that Standard Oil went on its way unmolested. Looking back on it, I might have given Al Capone a few hints. The best he could do was to operate his racket in three districts. I operated on three continents.

Re:Petty thieves (-1)

Anonymous Coward | about a year and a half ago | (#43684561)

foreclosing on homes without the legal right to do so

No offense, they foreclosed on the dumb cunts who took out mortgages they had no way of repaying.... or the dumber cunts who financed depreciables against their home. Sorry the government didnt save people from their own stupidity boo hoo. Government doesn't stop you from eating McDonalds and chips to your grave or smoking your lungs away either. Cigarette companies and junk food purveyors profit from peoples lack of self control as well. Nobody forced you to take out a mortgage that grade 9 math would indicate you could never pay off.

Deal with it.

Re: Petty thieves (0)

Anonymous Coward | about a year and a half ago | (#43684883)

You're the dumb cunt. There were examples of banks foreclosing on homes that had no mortgages, owned by the homeowner outright.

Re:Petty thieves (5, Insightful)

dkleinsc (563838) | about a year and a half ago | (#43685125)

On several documented occasions, they've foreclosed on people who had no mortgage whatsoever. They've foreclosed on people that lived next door to people they were intending to foreclose on due to typos. They've foreclosed on people who have paid their mortgage on time but the paperwork got mixed up by a servicer.

The victims aren't just victims of their own stupidity.

Pfft (-1)

Anonymous Coward | about a year and a half ago | (#43684077)

Obama stole $862 BILLION on a failed "stimulus" package that didn't create a single job.

Re:Pfft (1)

Anonymous Coward | about a year and a half ago | (#43685093)

Bush wasted 1.4 trillion on wars over seas and is responsible for the deaths of thousands due to these wars.

See, both sides can make intentionally misleading claims.
Grow up.

Not ATMs, the debit card system (5, Insightful)

RichMan (8097) | about a year and a half ago | (#43684121)

ATMs themselves were not compromised. The authentication system for debit cards was. Sure the money came from ATMs but the authentication that came from it was the backend systems.

It was the backend banking system that was compromised, not ATMs. The ATMs worked perfectly and gave out cash only to authorized cards. There was no problem with the ATMs.

Re:Not ATMs, the debit card system (5, Funny)

Anonymous Coward | about a year and a half ago | (#43684359)

So to clarify, the ATM's had the problem?

Re:Not ATMs, the debit card system (5, Interesting)

Anonymous Coward | about a year and a half ago | (#43684491)

As someone who writes banking software, Yes. The ATMs trusted the withdrawal limits in the response from the authorization system. When the authorization system returned a response stating it was OK for the user of this account to withdraw $10K in cash, the ATM should have flagged that amount as suspicious and refused to complete the transaction.

Re: Not ATMs, the debit card system (3, Insightful)

thinuspollard (1093519) | about a year and a half ago | (#43685089)

ATMs are dumb devices. All transactions are autorised by the upstream system, which typically include fraud detection systems. If the upstream system authorise a transaction and instructs the ATM to dispense, the ATM dispenses. There is zero intelligence in an ATM. None. Everything gets done from the upstream host. These guys had access to the authorising host where they modified the authorising pipeline to ignore the limits that were placed on cash withdrawals. I work in the industry. It's complicated

Re:Not ATMs, the debit card system (1)

fustakrakich (1673220) | about a year and a half ago | (#43685161)

...the ATM should have flagged that amount as suspicious and refused to complete the transaction.

Can that be done with Windows 98?

Re:Not ATMs, the debit card system (0)

Anonymous Coward | about a year and a half ago | (#43684495)

Mod parent up! I'm wondering myself!

Re:Not ATMs, the debit card system (1)

ArcadeMan (2766669) | about a year and a half ago | (#43684543)

Are you dense or can't you read? The ATMs WERE the problem!

Re:Not ATMs, the debit card system (0)

Anonymous Coward | about a year and a half ago | (#43684603)

whooooooooooooooooosh!!!

Re:Not ATMs, the debit card system (0)

Anonymous Coward | about a year and a half ago | (#43684835)

whooooooooooshhh! x 2

Re:Not ATMs, the debit card system (0)

Anonymous Coward | about a year and a half ago | (#43684497)

Just to clarify, it wasn't a problem with the ATM machines, but with the CC cards?

Re:Not ATMs, the debit card system (0)

Anonymous Coward | about a year and a half ago | (#43684517)

I think the parent made perfectly clear that the ATM's were the root of evil.

I guess US banks will re-evaluate.. (3, Insightful)

strangeattraction (1058568) | about a year and a half ago | (#43684137)

I guess US banks will re-evaluate the use the more secure smart carts. They have been reluctant to use them because the cost of adoption was greater than their projected losses due to theft. So much for that theory. Another failure to predict the risk.

Re:I guess US banks will re-evaluate.. (0)

Anonymous Coward | about a year and a half ago | (#43684283)

US EMV migration is already underway with fixed required dates for payment processors, merchants and banks. This incident will not change that schedule. And if they can hack into the back end systems they can still compromise EMV.

Re:I guess US banks will re-evaluate.. (1)

Zero__Kelvin (151819) | about a year and a half ago | (#43684293)

Actually, it was only about 45 Million. That is a lot to us, but I doubt it is enough to make the banks quake in their boots. They'll just use this as an excuse to up percentage points by one and walk away with a nice profit from the ordeal.

Re:I guess US banks will re-evaluate.. (2)

bws111 (1216812) | about a year and a half ago | (#43684417)

So much for that theory

Wait, do you actually believe that the cost of adding smart chips to all credit cards, modifying all ATMs to use the smart chips, etc would be LESS than $45M? What are you smoking? There are almost 620 MILLION credit cards in the US. There are 2.2 MILLION ATMs in the US. Please tell us how you plan to upgrade all of that for less than $45M.

The problem is not underestimation of risk, it is underestimation of cost by the second-guessers.

Re:I guess US banks will re-evaluate.. (3, Funny)

ArcadeMan (2766669) | about a year and a half ago | (#43684583)

Put "Smart Chip Compatible" stickers on all ATMs and cards? I don't think a sticker would cost more than 13.82$USD.

Re:I guess US banks will re-evaluate.. (1)

bws111 (1216812) | about a year and a half ago | (#43684707)

See, you can't even estimate the cost correctly for a joke. At your cost of $13.82 per sticker, just adding stickers to all cards and ATMs would cost $8.5B, not including the cost of getting the stickers to the cards.

Re:I guess US banks will re-evaluate.. (1)

ArcadeMan (2766669) | about a year and a half ago | (#43684779)

So, 72324$USD for each card and ATMs? Or is my math off again?

Re:I guess US banks will re-evaluate.. (1)

ArcadeMan (2766669) | about a year and a half ago | (#43684795)

Crap I think I multiplied instead of dividing

0.07$USD

Sounds about right for one sticker.

Re:I guess US banks will re-evaluate.. (0)

Anonymous Coward | about a year and a half ago | (#43684715)

Well... if others start doing this, and it's this easy to get $45M a pop, then if 100 gangs to this, does a potential $4.5B make it more compelling to add smartcard chips into their hardware? How about if we up the number of gangs to 1000 and the potential loss to $45B? 1000 gands doesn't sound like a lot at all if you take the whole world into account. And this whole world may target the US only because it's so easy. $45B of losses on US soil, none outside. Is that risky enough or still no?

Re:I guess US banks will re-evaluate.. (1)

SunTzuWarmaster (930093) | about a year and a half ago | (#43684861)

The benchmark isn't $45M. This can and will continue to happen until the security problems are fixed. If you don't want your ATM to be a Quik-E-Mart you are going to have to upgrade security.

Re:I guess US banks will re-evaluate.. (1)

Skater (41976) | about a year and a half ago | (#43684935)

Wait, do you actually believe that the cost of adding smart chips to all credit cards, modifying all ATMs to use the smart chips, etc would be LESS than $45M? What are you smoking? There are almost 620 MILLION credit cards in the US. There are 2.2 MILLION ATMs in the US. Please tell us how you plan to upgrade all of that for less than $45M.

The problem is not underestimation of risk, it is underestimation of cost by the second-guessers.

It's interesting to me that I've had one of the chipped cards for several years now - at least 4 or 5 years. I assumed when I received it that our other cards would be moving that way, too, but every card we have has been replaced since then - some several times - and none of them have the chip, or if they do they don't mention it. I suspect we'll be seeing more chipped cards after this, though. You're right, it's expensive, but not every bank has billions of dollars to lose, either - for example, credit unions are often much smaller.

OTOH, I saw a classic imprint machine in use less than two years ago. With tech like that still around, who knows how long a full switchover would take?

Anyone else remember the books of valid card numbers cashiers used to have?

idiots already have been arrested (5, Interesting)

alen (225700) | about a year and a half ago | (#43684141)

one of them was found dead on April 27 in the Dominican Repblic
eight have already been arrested

turns out the geniuses went shopping for rolexes and luxury cars with the cash
cash has serial numbers. everything is video taped. it was only a matter of time before the cops tracked them down

Re:idiots already have been arrested (0)

Anonymous Coward | about a year and a half ago | (#43684529)

one of them was found dead on April 27 in the Dominican Repblic
eight have already been arrested

turns out the geniuses went shopping for rolexes and luxury cars with the cash
cash has serial numbers. everything is video taped. it was only a matter of time before the cops tracked them down

Like Somalian pirates. Get easy money and live and die by the high-life. Isn't that what life is about? :)

Re:idiots already have been arrested (3, Interesting)

GPLDAN (732269) | about a year and a half ago | (#43684843)

I also believe that there are databases that trace bill serial numbers to the ATMs that distributed them. The banks probably had a database of every bill issued to the criminals. Once they surfaced anywhere, they were going to be tracked. Also, nobody in underworld finance would dare launder that heist. Those were toxic bills and probably why they got caught quickly.

Quid Pro Quo (1)

woboyle (1044168) | about a year and a half ago | (#43684149)

Now the banks have an inkling of how we feel about them stealing us blind in the mortgage fiasco! I only wish these hoods got away with about $4.5B instead of a paltry $45M. Then, the results would have been more equitable... :-(

Re:Quid Pro Quo (3, Informative)

ebno-10db (1459097) | about a year and a half ago | (#43684451)

I only wish these hoods got away with about $4.5B instead of a paltry $45M.

In that case they'd be playing golf with the president instead of being prosecuted. Their problem was thinking small.

the important part of the story was the last parag (5, Interesting)

etash (1907284) | about a year and a half ago | (#43684153)

the leader of the gang flew out of the US, and masked gunmen shot him down in the dominican republic. he had 100.000 usd with him and they were untouched. I wouldn't say that the hacked financial institutions didn't get their revenge.

Re:the important part of the story was the last pa (1)

GPLDAN (732269) | about a year and a half ago | (#43684851)

Another Felix Leiter job well done.

Great (2)

Dunbal (464142) | about a year and a half ago | (#43684155)

Now all the bank has to do is ask the Fed for a zero interest $50 million loan and it's all good, like nothing happened. Because too big to fail means we reinforce failures and give them all the support they need so they can keep failing. Seriously, what kind of bank lets people into their database? Do they have happy hour in the vault, too?

Re:Great (2)

ebno-10db (1459097) | about a year and a half ago | (#43684479)

Now all the bank has to do is ask the Fed for a zero interest $50 million loan and it's all good, like nothing happened.

I don't think they bother with a mere $50M loan. They probably write it off as a petty cash loss.

Meh... (0)

Anonymous Coward | about a year and a half ago | (#43684171)

Consider the total economic impact. For the measly expenditure of $45 million, how many newspapers are sold that wouldn't have, how much ad revenue is generated that wouldn't have, how many Rolexes and Benzes are sold that wouldn't have, how many more insurance policies are sold, etc. Cops get some fun and exercise, trial lawyers get to send their kids to exclusive schools in limos, and so on.

Meanwhile there's this guy at the Fed passing $1 TRILLION or so in worthless paper per year. You tell me who's the bigger criminal.

Re:Meh... (1)

gander666 (723553) | about a year and a half ago | (#43684349)

I think I recognize the thinking of Slippery Jim DeGriz in that. Ah, the stainless steel rat, one of my favorites.

Haaaaaaaax! (0)

Anonymous Coward | about a year and a half ago | (#43684305)

LOL, nobody is hacking, you noob. It's called "skills". You just suck.

12 Arabic Accounts? (0)

Anonymous Coward | about a year and a half ago | (#43684357)

If I read that story right, it sounds like the $40 million was taken from just 12 total accounts out of the UAE.

Another Bad Headline (1)

Nukenbar (215420) | about a year and a half ago | (#43684361)

The ATM's themselves were not compromised.

The bank's computers were compromised and the limits on ATM withdrawals was removed from certain accounts.

And just when I was about to buy a debit card... (1)

Anonymous Coward | about a year and a half ago | (#43684401)

This was one of those rare times when reading the news was actually informative. First time in about a year or so...
Finally, an excuse for coming here :) Thanks!

Amateurs (1)

ebno-10db (1459097) | about a year and a half ago | (#43684421)

A lousy $45M and a bunch of them were caught and will be prosecuted. Amateurs. The Best Way to Rob a Bank Is to Own One [google.com] . If these petty crooks had any brains, they'd at least have read the book.

Update: the book is a little dated because it's about the S&L crisis. Back then people were prosecuted for control fraud. Nowadays doing it on a big enough scale means you get to play golf with the president. $45M is skimming the petty cash.

Easy to hack into international banks (5, Interesting)

ZiggyM (238243) | about a year and a half ago | (#43684541)

two years ago I posted here how while waiting on a bank in Peru I played with a terminal that was there to show the bank website. In 5 minutes I was able to get into their WAN just by clicking arround. I could see all the networks inside, and inside that I could see the individual machines which has excel files and such. I inmediatelly reported it to the manager. In the US that could have gotten me arrested. I took a pic as a souvenir, which I still have. A month later I was there again and noticed that they had simply disabled right-click on the browser (it was one of the steps that I reported). After 10 min I was able to get into the network again. Told again the manager. Two years later (last week) I noticed that they still hadnt fixed it. Didnt say anything this time, but left the network screen open.

Re:Easy to hack into international banks (0)

Anonymous Coward | about a year and a half ago | (#43684873)

Next time report it to some government authorities. Submit screenshot as well. If _that_ doesn't get the poblem fixed, they deserve whatever they have coming.

I was going to suggest that you offer your consultancy services to help them fix the problem, but after rephrasing that proposal twice I came up to the conclusion that it would be a very bad idea to do so unless you're a big IT security consultancy company.

Good for them. (0)

Anonymous Coward | about a year and a half ago | (#43684553)

The banks have been ripping people off with their bailouts and illegal forclosures and being too big to fail that they don't get prossecuted for any of it. The Law makers, Courts and Enforcement are all accesories to those acts.

As far as I am concerned, I hope they guys get away with it.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?