Hackers steal $6.7 million in bank cyber heist
Posted on 17 January 2012.
A perfectly planned and coordinated bank robbery was executed during the first three days of the new year in Johannesburg, and left the targeted South African Postbank - part of the nation's Post Office service - with a loss of some $6.7 million.


According to the Sunday Times, the cyber gang behind the heist was obviously very well informed about the post office's IT systems, and began preparing the ground for its execution a few months before by opening accounts in post offices across the country and compromising an employee computer in the Rustenburg Post Office.

Once the offices were closed for the New Year holidays, the gang put their plan in motion. They accessed the computer from a remote location and used it to break into Postbank's server system and transfer money from various accounts into the ones they opened.

Having also raised the withdrawal limits on those accounts, money mules had no problem withdrawing great amounts of money from ATMs in Gauteng, KwaZulu-Natal and the Free State during the next few days, stopping completely when the offices were opened again on January 3.

Unfortunately, the Postbank's fraud detection system hasn't performed as it should, and the crime was discovered only after everyone returned to work after the holiday break. Apparently, it should not come as a surprise - according to a banking security expert, "the Postbank network and security systems are shocking and in desperate need of an overhaul."

The post office and the police have confirmed that the breach happened and that the National Intelligence Agency (NIA) is involved in the investigation. The bank has issued a statement saying that none of its customers' bank accounts were affected by the heist.

The investigation will hopefully reveal whether the backdoor into the compromised computer was installed by the employee unwittingly or whether the employee was recruited by the gang to allow them access.






Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Sep 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //