Skip to main content

How hackers allegedly stole “unlimited” amounts of cash from banks in just hours


http://cdn.arstechnica.net/wp-content/uploads/2013/05/cash.jpgFederal authorities have accused eight men of participating in 21st-Century Bank heists that netted a whopping $45 million by hacking into payment systems and eliminating withdrawal limits placed on prepaid debit cards.
The eight men formed the New York-based cell of an international crime ring that organized and executed the hacks and then used fraudulent payment cards in dozens of countries to withdraw the loot from automated teller machines, federal prosecutors alleged in court papers unsealed Thursday.
In a matter of hours on two separate occasions, the eight defendants and their confederates withdrew about $2.8 million from New York City ATMs alone. At the same times, "cashing crews" in cities in at least 26 countries withdrew more than $40 million in a similar fashion.
Prosecutors have labeled this type of heist an "unlimited operation" because it systematically removes the withdrawal limits normally placed on debit card accounts. These restrictions work as a safety mechanism that caps the amount of loss that banks normally face when something goes wrong. The operation removed the limits by hacking into two companies that process online payments for prepaid MasterCard debit card accounts issued by two banks—the National Bank of Ras Al-Khaimah PSC in the United Arab Emirates and the Bank of Muscat in Oman—according to an indictment filed in federal court in the Eastern District of New York. Prosecutors didn't identify the payment processors except to say one was in India and the other in the United States.
The first heist, which occurred on December 22 and targeted debit cards issued by the UAE bank, dispatched carders in about 20 countries that rapidly withdrew funds in more than 4,500 ATM transactions. In New York City alone, prosecutors said, the defendants and their co-conspirators withdrew almost $400,000 in some 750 fraudulent transactions from more than 140 different ATM locations. It took just two hours and 25 minutes for the New York cell to complete, prosecutors said. A second operation commenced on February 19 withdrew about $40 million in 36,000 transactions worldwide. In just 10 hours, the New York group allegedly withdrew about $2.4 million in almost 3,000 ATM transactions.
The operation exploited weaknesses in the way banks and payment processors handle prepaid debit cards, which usually are loaded with a finite amount of funds. These cards are often used by employers in place of paychecks and by charitable organizations to distribute disaster assistance. Once the accounts were hacked and the limits removed from accounts, cards were cloned and sent to cell groups throughout the world to make fraudulent withdrawals. Additional details of the operation are available in a press release outlining the charges.
The defendants—seven who are in custody and one who was reportedly murdered two weeks ago in the Dominican Republic—allegedly used the proceeds to buy expensive watches, cars, and other luxury items. The surviving defendants have been charged variously with conspiracy to commit access device fraud, money laundering conspiracy, and money laundering. If convicted, they each face a maximum sentence of 10 years in prison for each money-laundering charge and seven and a half years on conspiracy to commit access device fraud.

Comments

Popular posts from this blog

LG’s first flexible OLED phone due before the year is out

LG plans to launch a flexible OLED smartphone before the end of the year, the company’s VP of mobile has confirmed, though it’s unclear to what extent the work-in-progress handset will actually flex. The OLED panel in question is the handiwork of LG Display according to VP of LG mobile Yoon Bu-hyun, the WSJ  reports, with the proposed device set to launch sometime in Q4. LG Display’s work on flexible OLEDs has been underway for some time, though the company’s efforts have perhaps been overshadowed somewhat by rival Samsung’s YOUM development. Last year, according to a Korea Times report, LG Display was preparing for

Bing Apps for Windows 8 get major updates

Late least year, Microsoft rolled out a half dozen Bing Apps for Windows 8 users, each one focused on a specific category, such as travel and sports. The apps were designed to offer “immersive vertical experiences,” and now, about six months later, a big line of updates for them is being pushed out. Users can grab the updates now by heading into the Windows Store and selecting the updates notification.
Flexible displays are the Future of IT Industry! A part from 4k and smart home appliances, the CES 2013 saw a lot of attention being drawn towards bendable, flexible displays. The elasticised display idea isn’t something new as we have seen hoards of device concepts being crafted around flexible, bendable and even foldable displays. These concept devices give us a futuristic feel, be it a flexible phone to be worn around the wrist or a phone that opens up to turn into a tablet or PSP-like device. But how far is this future? Nokia has been toying with the idea ever since we remember. The technology sounds very fascinating and the possibilities and the extent to which bendable displays could be used are vast and leave us spellbound. However, these have always been concepts and we haven’t seen any device materialise in the real world. There have been several technologies that were conceived in these years and all have been put to their practical use. But the bendable d