Hacker Posts Details of 3 Million Iranian Bank Accounts 145
Jeremiah Cornelius writes "Khosrow Zarefarid warned of a security flaw in Iran's banking system providing affected institutions the details, including 1,000 captured bank accounts. When the affected banks, including the largest state institutions didn't respond, Khosrow hacked 3 million accounts across at least 22 banks. He then dropped these details — including card numbers and PINs — on his blog. Three Iranian banks Saderat, Eghtesad Novin, and Saman have already warned customers to change their debit card PINs. 'Zarefarid is reportedly no longer in Iran, though it is unclear when he left.'"
Let a lesson be (Score:4, Informative)
Karma whoring, dude's blog linked here [blogspot.com] (yay for in browser translation)
What a hack job of reporting! (Score:5, Informative)
Points of fact:
1) He didn't hack any banks. He was working in a payment processing company that had monopoly in Iran.
2) The card numbers and pin numbers were kept in clear text in their internal systems
3) He did complain about it repeatedly to his bosses, who blew him off
4) He posted the pin numbers and account numbers to a blog. Pin numbers have some digits before and after; They are not quite usable in person. In order to use them online a second pin is required which was not posted.
5) the Payment processing center's license has been revoked, and all people are in panic trying to change their pin numbers. The only action all ATMs allow is pin change.
Re:"though it is unclear when he left" (Score:4, Informative)
Re:"though it is unclear when he left" (Score:5, Informative)
Not really true. Iran and North Korea are very much in the 'enemy of my enemy' stage of life, and they are both quite friendly with russia and to a lesser extent both with china.
They may not be ideologically aligned to each other, but given their mutual enemy and mutual ally, they're willing to talk to each other. Who do you think is still buying all this iranian oil that is being extracted now that the previous markets can't and won't buy it? China and North korea. Who does North Korea sell missiles and technology to? (The Taepodong series specifically, as well as some shorter range surface to surface missiles), Yemen, Syria, Iran and a few others. The north koreans need currency, the iranians have currency, the north koreans need oil, the iranians have oil, the iranians need missiles to strike Saudi, Iraq and Israel, the north koreans have missiles.
They are as far apart ideologically as Stalin and Hitler, and yet for years those two managed to get along oddly well, exchanging training and agreeing to carve up poland together. Iran and North Korea may not be all that ideologically compatible, but they have nothing to particularly drive a wedge between them (unlike stalin and hitler). They each have things the other wants, no directly overlapping or conflicting interests and a shared enemy in the united states, who, helpfully, binned them together in an 'axis of evil', and if they weren't playing nice before, that gave them a good kick in the ass to start playing nice with each other.
They very much are on strong speaking terms and technological exchange, through russia, through china and at sea. They are both under heavy sanctions meaning their selection of possible trade partners is rather limited, and that means they take what they can get. If you think they at least up until recently weren't on very good terms you should pull your head out of the sand. The new North Korea, under Kim Jong Un, and the current state of affairs in Iran, along with the situations in Burma and Pakistan throw into question any future agreements. A Burma out of chinas sphere of influence, and a pakistan not interested in technological exchanges significantly limit their access to resources and cash, and might significantly shake up their desired alliances.
That said, you're right, in that they have no real long term collaborative goals. At the first opportunity I'm sure both of them would love to do business with someone else. But until a better opportunity comes along you go with the friends your enemies have given you.
Re:Um ... Is This Even An Accurate Story? (Score:3, Informative)
Re:"though it is unclear when he left" (Score:4, Informative)
Wars arent fought with ground troops anymore. Whats a machine gun going to do to a Hellfile missile sent from a predator?
They most certainly are. War for the next 50 years or so (unless things get really bad) will be primarily long term, low intensity conflict like what we've seen in Iraq, Afghanistan, Syria, and Libya (admittedly we got lucky with Libya, as it was relatively short). Conflicts such as these tend to stretch on for years. See the Sri Lankan insurgency that lasted roughly 25 years. Insurgencies are usually fought with small arms; the largest weapons usually available to insurgents are large-caliber machine guns, mortars, and RPGs. Combine this with the fact that most insurgencies cannot afford a large stand-up fight, and you get a lot of hit and run contact. Thompson, the man who pretty much led the British during the counterinsurgency in Malaya back in the 50s (and who pretty much wrote the bible on COIN doctrine; he started it all) realized that you cannot do sweep and destroy methods to defeat an insurgency; you must use sweep and control. To defeat an insurgency, you have to control ground. To control ground, you need group troops. While armed drones are good for patrolling and attacks on vehicles or fixed positions (camps, emplacements, etc), this is very expensive, and in many cases overkill. Most states cannot afford technology such this, and tactically armed troops on the ground usually make much more sense anyway, as even in predator strikes troops still have to go in afterward to look for intelligence.