Hacker Posts Details of 3 Million Iranian Bank Accounts 145
Jeremiah Cornelius writes "Khosrow Zarefarid warned of a security flaw in Iran's banking system providing affected institutions the details, including 1,000 captured bank accounts. When the affected banks, including the largest state institutions didn't respond, Khosrow hacked 3 million accounts across at least 22 banks. He then dropped these details — including card numbers and PINs — on his blog. Three Iranian banks Saderat, Eghtesad Novin, and Saman have already warned customers to change their debit card PINs. 'Zarefarid is reportedly no longer in Iran, though it is unclear when he left.'"
Re:What a great guy (Score:5, Insightful)
Not quite as much distrust and suspicion as they have regarding "bankers".
Re:"though it is unclear when he left" (Score:2, Insightful)
But not unclear *why* he left.
Yes, he "left".
I'm sure the Iranian government is outraged as his defection, and not secretly holding him in an north korean off-shore detainment centre.
Re:What a great guy (Score:4, Insightful)
And we wonder why the general public has a sense of distrust and suspicion regarding "hackers".
"When the affected banks, including the largest state institutions didn't respond" is the part that worries me, instead. The hacker in this case was just trying to help and pointed out a REALLY bad security flaw, but since the general public didn't know about it the institutions apparently decided to just ignore it. Publishing all the details was a bad move, that I definitely agree with, but atleast it got the institutions' attention, too bad that this will be spun in the media as the hacker's fault and not the institutions' fault, though.
hmm, you think it's a bad move. So what you are saying is, if the public doesn't know about it, it's good security? You do realize that if the dude who warned them found it, anyone could of found it. So while the public may not know about it, criminals might. So, in my view, the hacker did good, because the people in charge weren't listening, so it made them listen.
I don't know what world you live in, but in this world, there isn't only 1 smart person, there is many. When 1 person finds a flaw, you should figure that other people have found the flaw. And someone is going to exploit the flaw to steal something, because that is how the world rolls.
Re:"though it is unclear when he left" (Score:4, Insightful)
Right, because all enemies of US are related.
Iran is a rich Muslim theocracy with some attibutes of a Republic. North Korea is a poverty-stricken pseudo-monarchy with attributes of Stalinism. They are about as likely to be on the speaking terms with each other as Henry Kissinger with Alexander Chikatilo.
Re:What a great guy (Score:4, Insightful)
I don't know about the OP reasoning, but in my opinion, publishing full details including full card numbers and pin codes was a bad idea. Publish enough to demonstrate that you do in fact have the data, but not enough to make it trivial for someone to use the data. Partial card number, enough that the cardholder can be reasonably certain that's his card and the last 2-3 digits of the pin. It's one thing to go public and embarrass the banks, it's another to expose 3M customers to fraud and abuse by making it easy for the crooks.
Re:"though it is unclear when he left" (Score:4, Insightful)
It blows my mind at how little americans know about ... well ... everything they havn't heard on the telly.
And how much less we know about things we *have* heard on the telly...
Re:"Zarefarid is reportedly no longer in Iran, tho (Score:2, Insightful)
...despite the fact that I see no such aggression coming from them. I just think it's interesting.
Yeah and arming hizbullah, hamas and having their fingers deep in both groups along with previously arming the PLO is 'no aggressive action' right.. Oh wait, let me guess the Jews control both groups.
Re:"though it is unclear when he left" (Score:5, Insightful)
And yet, both got the technology to produce weapons-grade uranium from the same Pakistani, A.Q. Khan. Don't assume that differing political systems and ideologies is an absolute block against cooperation. I think it's ridiculous that they'd have this guy in North Korea; Iran isn't exactly a country with a need to offshore their state security apparatus, nor do they have some fanatical devotion to not saying anything that is technically untrue.
Re:"though it is unclear when he left" (Score:2, Insightful)
I agree with you on this, Evil is as Evil does regardless of where it does it.
Re:"Zarefarid is reportedly no longer in Iran, tho (Score:5, Insightful)
Let the UN control? The same organization that put Cuba, Egypt, Russia, Saudi Arabia, China and Sudan on its human rights panel?