The Federal Bureau of Investigation is probing a computer-security breach targeting Citigroup Inc. that resulted in a theft of tens of millions of dollars by computer hackers who appear linked to a Russian cyber gang, according to government officials.
The attack took aim at Citigroup's Citibank subsidiary, which includes its North American retail bank and other businesses. It couldn't be learned whether the thieves gained access to Citibank's systems directly or through third parties.
U.S. authorities are investigating the theft of an estimated tens of millions of dollars from Citibank by hackers partly using Russian software tailored for the attack, according to a news report.
The security breach at the major U.S. bank was detected mid-year based on traffic from Internet addresses formerly used by the Russian Business Network gang, The Wall Street Journal said Tuesday, citing unnamed government sources. The Russian Business Network is a well-known group linked to malicious software, hacking, child pornography and spam. The Federal Bureau of Investigation is probing the case, the report said.
It was not known whether the money had been recovered and a Citibank representative said the company had not had any system breach or losses, according to the report.
The report left unclear who the money was stolen from but said a program called Black Energy, designed by a Russian hacker, was one tool used in the attack. The tool can be used to command a botnet, or a large group of computers infected by malware and controlled by an attacker, in assaults meant to take down target Web sites. This year a modified version of the software appeared online that could steal banking information, and in the Citi attack a version tailored to target the bank was used, the Journal said.
The attackers also targeted a U.S. government agency and one other unnamed entity, the report said, adding that it was unknown if the attackers accessed Citibank systems directly or through other parties.
You are wrong about the "re-programmed white cards" thing; there is no such thing. There are no special encoders; all that is needed is a card reader/writer and blank PVC to encode and debit card w/ PIN, encode the plastic & this will work at almost any ATM. It was around early 2005 that Union Bank & USA Bank ATMs would take blank PVC, it would only worked you one was to use a real printed card.
Originally posted by brill
This draws similarity to the Citibank hacks involving Russian hackers and Gonzalez. I was always under the impression that CitiBank/Group are two separate corporations. Either way Gonzalez was knee deep in this and may have used insider info because, as others have pointed out, he was an informant.
The CitiBank hacks involved re-programmed white cards, magstripe encoders and targeted 7-11 ATMs associated with CitiBank. Apparently the breach was via a public facing portion of 7-11 that eventually, once hacked, led to ATM control to some degree. It shows the old saying that no matter how much you're defensively situated, it's always your weakest link that causes you grief.
For the POS, I've read some interesting papers lately that deal with a somewhat older hack called RAM scraping. Basically on a compromised POS terminal there are points where the data flow is not encrypted and stored in memory. Programs are able to glean that valuable data which includes user ID, PIN info, etc.
I don't believe for a second these are fabricated hacks as others have alluded to, they are very real, very prosperous and very much being kept under the media radar.
[edit on 22-12-2009 by brill]