Keylogging Used To Catch Bank Crackers

An anonymous reader writes "BBC News is reporting that the British police National High Tech Crime Unit has foiled an attempted fraud by hackers using keylogging software. The London branch of the Sumitomo Mitsui bank of Japan was the target, and a person has been arrested in Israel after being identified as the recipient of an attempted electronic transfer of UKP13.9m."

  • by REBloomfield ( 550182 ) on Thursday March 17, 2005 @11:55AM (#11965362)
    The crooks were the ones using the keyloggers, not the people who caught them!!!!!!
  • Too much (Score:2, Insightful)

    by turtled ( 845180 )
    Man, trying to get into bank records? You know everything is logged somehow. It scares me to think about 2 things... 1, life in prison, and, 2, with that much money, it draws suspicion, so, you really can't spend it.
    • Re:Too much (Score:3, Interesting)

      by lecithin ( 745575 )
      Yea, but getting away with it once, is all you need for the rest of your life. I wonder how many have succeeded that we will never hear about.

      Kinda like Enron right?

    • Re:Too much (Score:5, Informative)

      by mangu ( 126918 ) on Thursday March 17, 2005 @12:52PM (#11965938)
      with that much money, it draws suspicion, so, you really can't spend it.


      Ever heard of "laundering" money? What you have to do is open a legit company and make it profitable with the money you have stashed somewhere. Tricky, yes. But possibly doable.

      However you are right about drawing suspicion. You can never become as rich as $400 million, because being as rich as that will make you automatically famous. If you stay below a limit, which I assume to be about up to $10 million if done right, you might be able to have a comfortable life without getting caught.


      But all this is theory. In practice, I can't recall any heist above $1 million where the perps got away. It may take some time, even years, but you will be caught in the end. You may be much smarter than the cops, but once the thing is done, they have all the time until you die to catch you. No, even if you manage to escape, you'll never have a quiet moment without worry. Anyone contemplating a big robbery should google ronald biggs train robbery if they think escaping to a far away country is an option.

      • It's all a matter of comfort - which I think you led to. Once a person gets the money, they lay low - for a few months. Then they get comfortable, then they start spending the big bucks and someone says "wow, how is joe poor driving a bentley?" and there ya go.

        If a person is capable of stealing 400 million w/o getting caught in the act - they are also capable of keeping it and not getting caught - but it would require a lifetime of looking over your shoulder...more importantly, not drawing attention to
      • A lot of those robbers are released, and still have all their money. Something to think about.
      • but once the thing is done, they have all the time until you die to catch you.

        what about the statute of limitations?
      • You forgot about the Nazis and the Swiss banks. Most of the money (gold, mostly) is still there.

        What about the billions Saddam Hussein stole from Iraq? Most never recovered. There were a few billion withdrawn in *cash* from the national bank in Iraq before the latest war.

  • by Anonymous Coward on Thursday March 17, 2005 @11:57AM (#11965389)
    Um.. yeah, this article synopsis would be wrong.

    From the article it links to:

    They managed to infiltrate the system with keylogging software that would have enabled them to track every button pressed on computer keyboards.

    The hackers were attempting to use keylogging software.. there's nothing in the bbc article whatsoever about how the police caught them, let alone if they were caught using keylogging software (which is what the synopsis says).

    Apparently, not even the editors read slashdot stories :)
    • I don't think it's wrong, just badly written. For example
      Today police foiled a bank robbery by gunmen wearing balaclava helmets.
      Who are wearing the balaclavas? Is it the police or the gunmen?
      Police foiled a robbery by hackers using keylogging software...
      Who are using the keylogger, the police or the hackers?
    • Precedence rules. (Score:5, Informative)

      by kahei ( 466208 ) on Thursday March 17, 2005 @12:19PM (#11965602) Homepage

      It's a matter of operator precedence being poorly defined in English, leading to the ambiguity known as a 'dangling modifier'.

      Parentheses could have solved the problem:
      The police foiled (hackers using keyloggers).
      But parentheses aren't used like that in natural language. In English the right way to do it would be more like this:
      The police foiled hackers who were using keyloggers.
      The 'who' strongly binds the entity before it to the entity after it, indicating that 'using keyloggers' is a predicate of 'hackers'. Thus the modifier, now tightly bound, dangles no more.

      • Re:Precedence rules. (Score:2, Interesting)

        by Nemi ( 627009 )
        Actually I believe this would be the preferred way of arranging the sentence:
        hackers using keyloggers were foiled by police.
        This places the modifier after a single subject, completely removing ambiguity.
        • Actually I believe this would be the preferred way of arranging the sentence:

          hackers using keyloggers were foiled by police.

          This places the modifier after a single subject, completely removing ambiguity.

          "Police foiled hackers who were using keyboards" is the preferred construction. The use of the Passive Voice is generally discouraged, as this feature has been deprecated in favor of the Active Voice, and is provided only for compatibility with previous versions of the English language, and may

      • Re:Precedence rules. (Score:2, Informative)

        by damyata ( 838569 )
        True. However the original bbc article contained no such ambiguity and the slashdot article title is unambiguously wrong. So the person writing the article did have the wrong idea.

        Or maybe, just maybe, the article title means "Keylogging Used To Catch Bank Crackers": as in it used to, but it doesn't any more.
      • The 'who' strongly binds the entity before it to the entity after it, indicating that 'using keyloggers' is a predicate of 'hackers'. Thus the modifier, now tightly bound, dangles no more.

        Maybe you've cracked the means for improving the grammar on Slashdot. There's a book in there; "English Grammar for Coders".

  • by gstoddart ( 321705 ) on Thursday March 17, 2005 @12:01PM (#11965420) Homepage
    How do you manage to get key-logging software onto a bank system without physical access?

    Is this more examples of social engineering, or would this have required physical access to the computers? [ I'm assuming here that the general bank computers aren't all on the interweb ]

    Scary as hell that someone (almost) managed to do this.
    • The usual methods
      • Overworked techie department employs consultants without sufficient vetting
      • Disgruntled and overworked techie is approached by bad guys
      • Overworked techies release system into 'live' without sufficient testing/hardening due to pressure to complete by deadline
      Do you see the common thread?
      • by Anonymous Coward
        One more possibility:
        • Clueless bank manager installs key-logging software on their own computers "for security"; and fails to keep the logs secure
        I've helped an identity theft victim who had that happen.... his employer had a key-logger on all the PCs; and didn't keep the logs securely. Someone stole the logs and got credit card and other information from the employees.
    • I used to do support for a lot of smaller banks in a rural area in the US. If you walked in, said you were from their support company, looked the part and needed to "check on something while you were in the area" they tended not to give you a second glance. You were their outsourced IT guy coming in to check on things. In the years of supporting smaller banks and branches of banks, I only had one instance where someone called the shop to verify I was supposed to be there. And that was after I'd already
  • A quick English lesson:

    "BBC News is reporting that the British police National High Tech Crime Unit has foiled an attempted fraud by hackers using keylogging software." - This means the hackers are using keylogging software

    Note the addition of commas: "BBC News is reporting that the British police National High Tech Crime Unit has foiled an attempted fraud, by hackers, using keylogging software." - This means the police are using keylogging software

    The editor of the article is CORRECT!
    • Read the headline for the intended meaning.
    • Correct, but not very clear.
      It took two reads to make sure of who the subject was.

      The editor should read The Economist Style Guide [economist.com]. It details how to write clear and concise articles.

    • by BarryNorton ( 778694 ) on Thursday March 17, 2005 @12:20PM (#11965619)
      The article includes its own title. Unless this is changed to 'Keylogging Used By Caught Bank Crackers' it remains incorrect.
    • from the BBC "The investigation was started last October after it was discovered that computer hackers had gained access to Sumitomo Mitsui bank's computer system in London. They managed to infiltrate the system with keylogging software that would have enabled them to track every button pressed on computer keyboards." Sounds like it was the criminals using the software to me!

      RikF ---- Life begins at 5500 rpm
    • Creative parsing on your part cannot save you.

      The title "Keylogging Used To Catch Bank Crackers" is indisputably wrong, no matter how you parse it.

      Furthermore, you have introduced your own parsing bias in the first non-comma sentence. The fact is the non-comma sentence does not have one definitive meaning, and you are just telling us what it means through your assumed meaning.

      The fact is you cannot indisputably say that the word "using" applies to the hackers and not the Crime Unit - the only thing supp
      • "The fact is the non-comma sentence does not have one definitive meaning, and you are just telling us what it means through your assumed meaning."

        Actually it does. When one uses a modifying phrase, one must use commas to alter the phrase it modifies. Otherwise it modifies the closest phrase.

        Witness:

        • Anna commented on Patrick's running quickly.
        • Anna commented quickly on Patrick's running.
        • Anna commented, on Patrick's running, quickly.

        The sentences above have a single meaning each. The preferred soluti

    • What is your point? The headline is unambiguously wrong.
  • UKP? (Score:2, Informative)

    by frostman ( 302143 )
    Nice trick, but how much money does that number of unbounded knapsack problems [nist.gov] represent?

    Or did you mean GBP? [wikipedia.org]

    • Oh, you old ISO4217 purist you. The country isn't called 'Great Britain', you know.

      It's the 'United Kingdom'. Presumably this is meant sarcastically.

  • by Doc Ruby ( 173196 ) on Thursday March 17, 2005 @12:05PM (#11965465) Homepage Journal
    The ambiguous story description could be interpreted to mean either that the crackers installed the keylogger, or that they were caught by keyloggers. Any sensible reader would know that the crackers probably weren't caught by keyloggers, because they'd already have too much access by that point. But even just reading the story shows that their attack was by keylogger, not their capture.

    Now it's obvious: Slashdot submission approvers (staff "authors" who vet the submission queue, to approve stories for publication) just read the text, and decide whether the story is interesting. They don't click the links, they don't think about whether anything makes sense. It really looks like Slashdot's submitters are higher quality than the editors who decide what to publish. And even worse, the editors seem to have the quality of a lower tier of Slashdot readers: grab the most inflammatory interpretation of a post, and run with it - without regard to the facts, or even just the story itself.

    For all Slashdot's championing of the "open" community, we know very little of how the editorial process works. How many editors? Do they know each other? See each other, or work remotely? Is there an editorial policy, written or by "rolling consensus"? Are there criteria? What's the process like? With the published Slashcode so old, there's no way to know details about the queue process even by looking at "the" software. So what goes on there behind the curtain?
    • the editors seem to have the quality of a lower tier of Slashdot readers: grab the most inflammatory interpretation of a post, and run with it

      Which means more page views, therefore more advertising revenue.
    • How does one become an editor? Is it a personal friend of someone here on Slashdot? Like if I knew CowboyNEal in real life and was good friends w/ him and didn't have a real job I could become an editor of slashdot?

      I have never seen how this person becomes an editor. There really isn't much about the back process of this site. I know CowboyNeal posts a journal about thoughts that may one day in the future become a change, but besides that we don't know anything about our great Overlords.

      • I don't really get the impression that anybody at Slashdot cares a great deal about Slashdot any more. It's a living - they get paid to not do much and surf the web a lot and that's about it.

        I never get any impression of passion from them.
  • From article
    The plan was to steal £220m ($423m) from the London offices of the Japanese bank Sumitomo Mitsui.
    and looks like they only got 13.9 mil out but were busted trying to get it in Israel
    A man has been arrested by police in Israel after the plot was uncovered by the National Hi-Tech Crime Unit. Unit members worked closely with Israeli police.
    So bad guys try to rob London office of Japanese bank, by moving money to Israel. This is a great example of an international crime, I almost ex
  • by account_deleted ( 4530225 ) on Thursday March 17, 2005 @12:05PM (#11965469)
    Comment removed based on user account deletion
  • Phew! (Score:5, Funny)

    by bigtallmofo ( 695287 ) on Thursday March 17, 2005 @12:07PM (#11965488)
    This article would've scared the crap out of me if I hadn't already sent all my money to a Nigerian Prince.

    Once I get the millions in cash I've been promised, I'll be sure to keep it away from any keyboards.

    • Mr BigTallMofo,

      Realizing your concern in our confident trade we assure you of our mutual plans to make profit from the war-torn country of Nigeria. Please be sure to send us your savings account number, as your bank did not want us to place 44,500,212.23$ (US Dollars) in your checking account.

      Since you have been inconvenienced we will kindly have you notice that we will raise our gratuity to 85% plus 5% fees.

      Your quick reply will start you and me on our way to fortune so I can rule my poor Nigeria
  • by Anonymous Coward
    I have a suggestion: how about a rating for editors? If editors fuck up too often others should be given the chance to do the job properly.

    This is just getting too embarrassing and it's damaging Slashdot's reputation.

    And yes I must be new here.
    Doesn't make it any less true.
  • by hsoft ( 742011 ) on Thursday March 17, 2005 @12:08PM (#11965497) Homepage
    I fail to understand how such a thing is possible, and I would appreciate explanations.

    For example, if someone gets my bank account user/pass and logs into my bank account, transferring all my money into his account. When I see this, I will sure call my bank saying that this was an unauthorized transaction, and this transaction should be void, no? Besides, the thief reveals himself by specifying the destination account, no?
    • When I see this, I will sure call my bank saying that this was an unauthorized transaction, and this transaction should be void, no? Besides, the thief reveals himself by specifying the destination account, no?

      I was thinking the same thing, but came to the idea that if you had access to one account number, you could potentially have access to multiple account numbers.

      The alleged could have split the money and bounced it around between accounts. Many small transactions between many accounts would make
    • If the destination account was in a country whose laws make it advantageous to bank there (Think the Caymans, or Switzerland for example) or a country that doesn't particularly respect the victim's home country, getting your dollars (well, pounds) back is going to get a lot harder, if not flat out impossible.

      Of course, the thief would reveal his account number, which can be tied to an identity (or at least a contact) but the difficult issue is leaning on the bank to give up that information.
    • When I see this, I will sure call my bank saying that this was an unauthorized transaction, and this transaction should be void, no?

      Where's the proof that it was unauthorized? Only you had access to your account, and only you had rights to transfer the money. So, unless you can prove the account had been compromised, no, there's no recourse. And even if there's proof, the money is gone, there's no "voiding" the transaction. The only thing you might be able to do is sue the bank to try to recover the money.
    • You're thinking too small. This isn't retail banking, it's corporate banking. Accounts with millions flowing through them every day, the transactions will be small enough not to cause a blip. Additionally, if you have access to enter the txn you may well have (or be able to get) access to approve it. Then it's all OK...
    • Not necessarily. Odds are good that the use of your correct username and password is specifically defined as authorizing the transaction.

      Remember, the world doesn't have to be fair or even nice.
  • by justanyone ( 308934 ) on Thursday March 17, 2005 @12:12PM (#11965533) Homepage Journal

    attempted electronic transfer of UKP13.9m

    Sorry if this is in any way pedantic - just FYI since I used to work in a capital markets trading environment...

    The abbreviation in most currency markets is not UKP, it's GBP, for Great Britain Pounds.

    To quote from a handy reference page:
    ISO 4217 (Codes for the Representation of Currencies and Funds) defines three-letter abbreviations for world currencies. The general principle used to construct these abbreviations is to take the two-letter abbreviations defined in ISO 3166 (Codes for the Representation of Names of Countries) and append the first letter of the currency name (e.g., USD for the United States Dollar).

    A non-official site's list is at: http://www.jhall.demon.co.uk/currency/by_country [demon.co.uk].h tml

    The official 4217 list of currency codes is at http://www.iso.ch/iso/en/prods-services/popstds/c [www.iso.ch]u rrencycodeslist.html

    The official ISO 3166 Country codes list is at:
    http://www.iso.ch/iso/en/prods-services/iso3166ma [www.iso.ch]/ 02iso-3166-code-lists/list-en1.html
    • Yuck! Slashdot's machinery cut up those links. Here they are again:

      The official 4217 list of currency codes is at here [www.iso.ch]

      The official ISO 3166 Country codes list is at:
      here. [www.iso.ch]
      • May be, but that is because the ISO have deemed that the UK as an abbreviation for United Kingdom is too generic, even though there is only one country in the entire world going by that name. On the other hand US is perfectly acceptable for the USA, with United States being just as generic as the United Kingdom.

        The thing is there is no such legal entity as Great Britain and there has not been since 1801. Great Britain existed as a country for less than 100 years, and has not existed for over 200 now. If the
    • Both of the links to www.iso.ch are broken any other non-broken links? Was actually interested to find this list but disappointed the link was broken.
    • >>
      attempted electronic transfer of UKP13.9m
      Sorry if this is in any way pedantic - just FYI since I used to work in a capital markets trading environment... The abbreviation in most currency markets is not UKP, it's GBP

      Also, the SI unit abbreviation for million is M, not m. m is Meter, M is million (mega), so a mM is a million meters (a thousand Km), but Mm, MM or mm don't make any sense at all, nor mGBP.

      • By that logic, mm should be "meter meter" or meters squared. But it's not, it's defined to mean millimeter. When you use m in the context of a quantity as opposed to a length, everyone knows it means million. The reason people just use m instead of M in those cases is because at the end of a word, people are more accustomed to using a non-capital letter. Anyway, the way people should use things doesn't always line up with the way they actually do.

        • >

          By that logic, mm should be "meter meter" or meters squared. But it's not, it's defined to mean millimeter.

          Thanks, I just forgot the initial minor m is milli, or a thousandth. So the error in question is still worse, because isolated it should mean Meter but as a quantifier it should mean a thousandth.

          >

          The reason people just use m instead of M in those cases is because at the end of a word, people are more accustomed to using a non-capital letter.

          Just that it is not a word. The real reason

  • In USD... (Score:3, Informative)

    by DroopyStonx ( 683090 ) on Thursday March 17, 2005 @12:15PM (#11965566)
    13.9 million GBP is about 26.7 million USD.
  • by tezza ( 539307 ) on Thursday March 17, 2005 @12:16PM (#11965573)
    without Bruce Willis? Amazing.
  • Could very well be exactly correct. What if the UserID/Password/Login was a honeypot? A sting operation where several bank employees were given access to separate lists of logins? Then follow through on who had access to which ID, and whom it was eventually used by?

  • Basically if anyone RTFA the summary is incorrect. The robbers used key logging software, not the police.
    • Exactly, as reported on BBC World this morning. When I read the summary I was like "did I totally misunderstand the anchorwoman earlier?" When I checked the article, it reaffirmed that indeed I had understood correctly and the summary is wrong. That's incorrigible. Sometimes I wonder if the submitters RTFA.
  • by ReadbackMonkey ( 92198 ) on Thursday March 17, 2005 @12:31PM (#11965725)
    If I type my password into a txt file surrounded by a bunch of gibberish, i.e.

    diowengiw03821-13kd98password8990830209keivli

    Would key-logging software be able to find my password if I cut and paste the relevant data into the appropriate field when I want to enter the password?

    Basically, where does the key-logging software sniff the bits? Is it off the bus from the keyboard to the processor, or does it sniff it off the processor?

    Just curious
  • I went to http://www.nhtcu.org/ [nhtcu.org], and all I see is a blank page. After a while, I decided to view the source. Damn Shockwave, without even a little "Skip Intro" link.
    I'm going to eat some peanuts.
  • GBP not UKP (Score:3, Informative)

    by PureCreditor ( 300490 ) on Thursday March 17, 2005 @02:46PM (#11967434)
    According to xe.com, the international symbol for the pound sterling is actually GBP (for Great Britain Pound), not UKP as commonly denoted.

    Same for CAD for Canadian dollars, but it's frequently listed (incorrectly) as

    Cdn $
