Alleged Ponzi Mastermind Hacked In Antigua 51
krebsonsecurity writes "Criminal hackers apparently involved in break-ins at several US financial institutions also appear to have dug up dirt on Robert Allen Stanford, a man slated to go on trial this month for his alleged part in an $8 billion Ponzi scheme. Quoting: 'In early 2008, while federal investigators were busy investigating disgraced financier Robert Allen Stanford for his part in an alleged $8 billion fraudulent investment scheme, Eastern European hackers were quietly hoovering up tens of thousands customer financial records from the Bank of Antigua, an institution formerly owned by the Stanford Group.'"
Very strange article. (Score:5, Interesting)
Am I the only one who finds the entire article strange?
Here is what it says about the hack itself:
Once inside of Stanford’s network, the unidentified hackers appear to have swiped the credentials from an internal network administrator, and soon had downloaded the user names and password hashes for more than 1,000 employees of Stanford Financial, Stanford Group, Stanford Trust, and Stanford International Bank Ltd.
Among the purloined files is a listing of what appear to be ownership and balance information for tens of thousands of customer accounts at Bank of Antigua. Each listing includes the account number, owner’s name, address, balance, and accrued interest.
So far, so good.
But here is where it becomes really strange:
It’s also unclear whether the hackers managed to steal any funds from the accounts listed in the recovered documents, or indeed whether the attackers ever had direct access to Bank of Antigua accounts. Still, a set of documents found with the account information suggest the perpetrators did a fairly thorough job mapping the internal networks connecting Stanford offices in Austin, Baton Rouge, Boca Raton, Boston, Denver, Ft. Lauderdale, Houston, Memphis, Miami, Montreal, New York, San Francisco, Sugarland, and Washington, D.C.
What ??!!?? Or, even more clearly: WTF??
Are you trying to tell me that people sophisticated enough to get the credentials of a system administrators, info on hundreds of accounts, including passwords and so on and so forth have not transferred anything?
It's like, I have total access to hundreds of accounts, after cracking open your system security, but I did not take anything?
This thing stinks to high heaven. Either the Ponzi scheme had no money left in it, or I am willing to bet the hackers, whoever they are, have quietly siphoned a lot of money overseas.
Re:Very strange article. (Score:4, Interesting)
It's like, I have total access to hundreds of accounts, after cracking open your system security, but I did not take anything?
Maybe they had an air-gap firewall, or at least a data diode. [owlcti.com]
If I were running that sort of network, that's what I would use to partition off the real money from the record keeping.
Re:Very strange article. (Score:3, Interesting)
Maybe there weren't any hackers. Maybe it was Stanford himslef trying to make an alibi to stay out of prison. "No, it wasn't a Ponzi scheme, we were hacked!"