Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security The Almighty Buck

Citibank Denies Reported Breach Linked To Russian Gang 53

alphadogg writes "US authorities are investigating the theft of an estimated tens of millions of dollars from Citibank by criminals using Russian software tailored for the attack, according to the Wall Street Journal (subscription required to access that link — CNET's coverage here). The security breach at the major US bank was detected mid-year based on traffic from Internet addresses formerly used by the Russian Business Network gang, the WSJ reported today, citing unnamed government sources. The Russian Business Network is a well-known group linked to malicious software, hacking, child pornography, and spam. The FBI is probing the case, the report said. It was not known whether the money had been recovered and a Citibank representative said the company denied any system breach or losses, according to the report."
This discussion has been archived. No new comments can be posted.

Citibank Denies Reported Breach Linked To Russian Gang

Comments Filter:
  • Paywalls suck (Score:5, Informative)

    by TSHTF ( 953742 ) on Tuesday December 22, 2009 @06:04PM (#30530568) Homepage
    Article is behind a paywall. Search for it with Google News [google.com], and the WSJ will let you read it all.
    • Re: (Score:3, Informative)

      by DarkTempes ( 822722 )
      Looks like it checks for a Referer: with http:// and google anywhere in the domain name as long as it's before another forward slash. Referer: http://notgoogle.com and http://not.comgoogle works but http://not.com/google doesn't.

      Anyway, for those of us who disable referers from headers the google news method won't work either ;)
  • by plover ( 150551 ) * on Tuesday December 22, 2009 @06:07PM (#30530606) Homepage Journal

    The reporter was trying to link a bunch of separate things together.

    1. Black Energy conducted a DDoS against Citibank, but did not steal tens of millions of dollars from them.

    2. Last year, Citi lost tens of millions of dollars from skimmers attached to ATMs.

    3. The hacker Cr4sh is the author of Black Energy, but there is no evidence he was involved in the attack on Citi.

    There is nothing relating these three incidents other than the wishes of an aggressive reporter wanting to build some kind of story against City; *perhaps* he's trying to pump up a case to make it appear they are risking bailout money. But at least when I type this kind of crap I'm labeling it for what it is: PURE SPECULATION.

    • by Anonymous Coward on Tuesday December 22, 2009 @06:12PM (#30530664)

      The thing the banks really don't talk about is that losses from in-house embezzlers far exceed losses form outside agents. And of course we won't speak of the enormous losses caused by management greed and stupidity.

      • Re: (Score:3, Insightful)

        by plover ( 150551 ) *

        The thing the banks really don't talk about is that losses from in-house embezzlers far exceed losses form outside agents.

        Really? Have you recent facts to back that claim up? It may have been true in the 1950s, but is it still true in today's world, where a hacker can gain essentially "insider" authority?

        And of course we won't speak of the enormous losses caused by management greed and stupidity.

        There's an assertion I don't have to ask you to back up, as it's been pretty well covered in the press. But there's a lot of greed and stupidity going around, and some of it comes from the shareholders, Congress, lawyers, etc. It's not just limited to management.

        • Verizon publishes a really interesting [verizonbusiness.com] (downloads pdf) study on breaches every so often. While things are probably much different when it comes to actual banks, it mentions that 80% or so of the 'data' lost in breaches is actually coming from outsiders now a days.

          Insiders still have the largest breaches, but the sheer number of outside breaches are dominating the current trends.

        • Really? Have you recent facts to back that claim up? It may have been true in the 1950s, but is it still true in today's world, where a hacker can gain essentially "insider" authority?

          It's true, and still truer than ever. Insider losses are on the rise,

          The difference between insider attacks and outsider attacks are much different than what an outsider obtains through cracking and privilege escalation. Just because you own a system (or all of them), doesn't mean you can do what an insider can.

          An insider atta

      • Re: (Score:3, Insightful)

        by FooAtWFU ( 699187 )
        For the bigwigs: Why embezzle when you can go legit and get the board to pay you snazzy seven-figure bonuses for your continued, valuable contributions to the company's bottom line? I don't think taking that sort of a gamble is consistent with your probable risk profile. Maybe if you're Bernie Maddoff and your firm has lost a ton of money and are too attached to your career and terrified of professional embarrassment or something, but even that's more outright fraud than embezzlement.

        For the medium-wigs:

    • by Alwin Henseler ( 640539 ) on Tuesday December 22, 2009 @06:44PM (#30530970)

      2. Last year, Citi lost tens of millions of dollars from skimmers attached to ATMs.

      2. Last year, Citi customers lost tens of millions of dollars from skimmers attached to ATMs.

      (emphasis mine)
      Not individually, but as a group customers always pay the bill for incompetent management / inadequate security.

      • Re: (Score:3, Insightful)

        How exactly would it recoup it's losses from customers? By lowering it's interest rates? If it could increase profits by doing that they would already have done so.

        Directly only the investors lose out.

        • I think he meant they raise the service prices to cover the difference per transaction, so instead of costing you 1.50$ each time you use your card to access your own money, they now charge you 1.75$
          Pretty simple really.

    • by sgt_doom ( 655561 ) on Tuesday December 22, 2009 @07:59PM (#30531514)
      And speaking of PURE SPECULATION, which is what Citi does through it's energy/oil speculating subsidiary, Phibro, everyone knows Citi pissed away all their money by their purchase of all those credit default swaps and other categories of credit derivatives; thereby giving those enormous fortunes to the Robert Rubin family (and the others who are now members of the George W. Obama Administration.....)
    • http://online.wsj.com/article/SB126145280820801177.html [wsj.com]
      They wouldn't find an elephant in a two-meter square room.
      It seems they're hiding info, self interests implicated maybe?

      Joe Petro, managing director of Citigroup's Security and Investigative services, said, "We had no breach of the system and there were no losses, no customer losses, no bank losses."

      Apparently those tens of millions of dollars would have been on holiday somewhere around Cayman Islands, hehehe!

      On the other hand, I've found no mention in WSJ article to child pornography. Where did that come from? It only rests to say these thieves are terrorists and are supposed to be linked to al-qaeda.

      Losses to online crime of all types exceeded $260 million in the U.S. last year, the FBI estimates.

      At least is much less t

    • Re: (Score:1, Interesting)

      by Anonymous Coward

      Oh really? Then why did Citibank issue me a replacement card with a completely new number in August?

      * Posted Anonymously on purpose.

  • In other news... (Score:5, Interesting)

    by tyroneking ( 258793 ) on Tuesday December 22, 2009 @06:09PM (#30530634)

    ... the US and UK public are asking for an investigation into the apparent transfer of billions of dollars of public money to major banks. No-one is probing the case and yet the govt and banks are not denying any breach of the political and economic systems.

  • by PolygamousRanchKid ( 1290638 ) on Tuesday December 22, 2009 @06:11PM (#30530646)

    I honestly thought they were one and the same.

    Maybe someone can enumerate for me, the differences between Citibank and a Russian Gang . . .

    Rips off governments for millions . . . check

    Rips off people for millions . . . check

  • This site [propublica.org] says Citigroup received 50 billion from the Fed. The little bit that was stolen is just a drop in the bucket. Dillenger probably did better percentage-wise in the 1930's with a gun and some balls.
  • by MichaelSmith ( 789609 ) on Tuesday December 22, 2009 @06:24PM (#30530780) Homepage Journal

    The Kuang Grade Mark Eleven Penetration Program is the way to go. But you need a live person at the controls. Not a flatline, because Neuromancer knows his every move in advance.

    • Re: (Score:3, Informative)

      by Gilmoure ( 18428 )

      Yeah, but not if you're running it on a Ono-Sendai 6 with just tactile feed back. You need full emersion to do it right.

  • by assemblerex ( 1275164 ) * on Tuesday December 22, 2009 @06:50PM (#30531036)
    Cash is replenishable, trust is not as it has to be earned.
  • No audits, please! (Score:1, Interesting)

    by Anonymous Coward

    Admitting to the theft would probably trigger in-depth audits and increased scrutiny of Citibank operations. THAT might be very, very bad for Citibank.

    Let's just handle it on a modified mark-to-market basis. The money used to be here, and if it was still here we wouldn't have lost anything.

    If you prefer QM, think of it as Shrodinger's cat - of course, he's still alive - no need to look in that box.

    It ain't funny, McGee!

    • The momentum and position of the bucks cannot be known simultaneously to any useful precision. Heisenberg

      I for one welcome our new Quantum Economical overlords.

  • by HangingChad ( 677530 ) on Tuesday December 22, 2009 @07:46PM (#30531454) Homepage

    Citibank representative said the company denied any system breach or losses, according to the report.

    My web host provider *cough*inmotion*cough* got hacked a couple months ago and they denied it across the board, tried to turn it back on the users by claiming all the accesses were routine FTP connections.

    Makes me wonder if denial is the new trend?

  • by securaty ( 1706052 ) on Tuesday December 22, 2009 @08:16PM (#30531620)
    I read WSJ article and I had to chuckle. What a poor excuse for a story. It doesn't sound like anyone targeted Citibank. They are one of dozens of other banks who were victimized by a gang of Ukrainian (NOT Russian) criminals. As far as I know, hundreds of small and medium business have been vandalized by the same gang on individuals targeting individual systems with malware. Brian Krebs from Washington Post covered this months ago. WSJ story is a bad knock off without facts and originality.
  • by HockeyPuck ( 141947 ) on Tuesday December 22, 2009 @08:26PM (#30531688)

    Let's say it actually was a "Russian Gang" operating out of say, Russia. What can US Gov't agencies do against this? Can they do anything within the law besides call up Russia and tell them to 'take care of it.' It's not like we can drop commandos into Russia and go after them, nor can we launch electronic attacks on this gang (act of futility).

    According to the US Constitution, Section 8 [usconstitution.net], Congress has the power to provide for the common Defense and general Welfare of the United States.

    I see this type of activity as an attack, just because it's two private entities, this IMHO is no different than if SAP tried to hack into Oracle.

    Hey Fed, I'm sick of US companies wasting time, money and effort to deal with these people bent on conducting electronic warfare.

    As a side note, I wonder how much $$ is wasted in terms of extra capacity (servers, network, CPU, power) is needed by US companies to deal with all this BS (spam, people hacking in etc..) floating around the internet.

    I once heard a presentation by a guy at Yahoo who managed a few of their datacenters. When asked about how they deal with DOS attacks his response was that they had more computing capacity then the internet could deliver to them, so they just absorb whatever attacks are sent their way.

  • Last year Citi sent me a new card, because they said they'd lost three million credit card numbers to thieves. Well, they claimed it was a merchant, but since they wouldn't reveal who it was so that I could cease doing business with them, clearly Citibank is assuming full responsibility.
  • So what is the attack system used to get "tens of millions of dollars"?

    Do they collect 10,000 user names and passwords from personal computer users?

    Do they somehow take over a merchant deposit account and transfer funds out of it?

    Do they emulate a bank-to-bank transaction and modify the bank-to-bank back end transaction?

    • So what is the attack system used to get "tens of millions of dollars"?

      The article ties together many attacks.

      Do they collect 10,000 user names and passwords from personal computer users?

      One of the attacks was (skimming atm cards)

      Do they somehow take over a merchant deposit account and transfer funds out of it?

      One was, by apparently key logging.

      Do they emulate a bank-to-bank transaction and modify the bank-to-bank back end transaction?

      Maybe, doesn't seem to be reported in the article.

      I was gonna say something witty about RTFA but I find getting my questions out of commentators is easier as well.

  • Obligatory (Score:1, Funny)

    by Anonymous Coward

    "Not just another security collapse...

    It's Citibank security collapse."

  • The Russians did it! The Russians did it!
  • by Weaselmancer ( 533834 ) on Tuesday December 22, 2009 @11:53PM (#30532678)

    The FBI is probing the case, the report said. It was not known whether the money had been recovered and a Citibank representative said the company denied any system breach or losses, according to the report.

    There was no system breach! And the money was probably recovered anyways!

  • I find it interesting that the attribute 5 things to this "Russian"
    business network.

    5 is an occult power number for encumbering the help of Gnosticism's 5
    dark evil demi-urges that are accredited with creating this world.

    The bankers are masters of deception and occult hand waving. Who else
    could conjure up money out of thin air for you to buy your house with
    and then enslave you to pay the sum back times 3? May the bankers be
    fully exposed and bear the shame and may they seek our forgiveness on
    their knees. M

The opossum is a very sophisticated animal. It doesn't even get up until 5 or 6 PM.

Working...