funsec mailing list archives
SWIFT: A Security Researcher Gets Offered The Big Score
From: "Fergie" <fergdawg () netzero net>
Date: Sat, 10 Feb 2007 17:40:20 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via InformationWeek. [snip] The stakes can get pretty high in the hacker economy. A few years ago, a security researcher living overseas was contacted by a man with an intriguing offer: The researcher would get 2.2 million euros (more than $2.8 million) for each financial services firm he helped the man and his group of cybercriminals infiltrate. All the researcher had to do was provide the group with Windows Terminal Services access with administrative privileges for each bank, which the thieves would then penetrate via the Swift network. Swift, the Society for Worldwide Interbank Financial Telecommunication, manages a network owned by about 8,000 banks in 206 countries and territories to facilitate electronic transfers. The thieves seemed to have deep knowledge of the Swift system and how it could be manipulated. After pilfering funds from a number of banks, the thieves planned to create a shell game that would transfer the money from one financial institution to another until they could shake the trail of anyone investigating the theft and access the money. Cracking into the Swift systems was made easier, the researcher claims, by the presence of a critical Microsoft bug that at the time left vulnerable Internet Information Services servers running Secure Sockets Layer transactions. [snip] More: http://www.informationweek.com/showArticle.jhtml?articleID=197004915 Background: http://www.theregister.co.uk/2006/08/22/terrorist_finance_snoop/ - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFFzgN5q1pz9mNUZTMRAg6vAKCbtsLU9+iKflTDBsfw1fB/6Fu/hgCfZ+M1 9ZloDypylmxs/Ak5OuGxXPM= =+XlK -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- SWIFT: A Security Researcher Gets Offered The Big Score Fergie (Feb 10)
- Re: SWIFT: A Security Researcher Gets Offered The Big Score Dennis Henderson (Feb 10)
- Re: SWIFT: A Security Researcher Gets Offered The Big Score Gadi Evron (Feb 10)
- Re: SWIFT: A Security Researcher Gets Offered The Big Score Blue Boar (Feb 10)
- Re: SWIFT: A Security Researcher Gets Offered The Big Score Dennis Henderson (Feb 10)