
mahatmakanejeeves

(57,656 posts)
Wed Oct 31, 2012, 12:57 PM Oct 2012

60-Second Cash Kiosk Hackers Steal $1 Million: FBI

Source: Information Week

By Mathew J. Schwartz InformationWeek
October 31, 2012 12:02 PM

The FBI has arrested more than a dozen people on charges that they participated in a gang that stole over $1 million via cash-advance kiosks at 11 casinos and resorts.

According to the FBI, the related indictment, unsealed Friday, said the gang "stole the money by exploiting a gap--which required multiple withdrawals all within 60 seconds--in Citibank's electronic transaction security protocols." The gang predominantly targeted casinos and resorts in Las Vegas and southern California.
....

According to court documents, accused ringleader Ara Keshishyan, 29, recruited other members of the gang to open multiple Citibank checking accounts, which he filled with seed money. "When inside the casino, the conspirators, including Keshishyan, used cash advance kiosks at casinos in California and Nevada to withdraw -- all within 60 seconds -- several times the amount of money deposited into the accounts, by exploiting the Citibank security gap they discovered."
....

Attackers are increasingly using a simple method for finding flaws in websites and applications: They Google them. Using Google code search, hackers can identify crucial vulnerabilities in application code strings, providing the entry point they need to break through application security.

Read more: http://www.informationweek.com/security/attacks/60-second-cash-kiosk-hackers-steal-1-mil/240012604

14 replies
60-Second Cash Kiosk Hackers Steal $1 Million: FBI (Original Post) mahatmakanejeeves Oct 2012 OP
No honor among thieves corkhead Oct 2012 #1
You said it! SoapBox Oct 2012 #3
But Republicans that steal BILLIONS can't ever be found. Ikonoklast Oct 2012 #2
It is pretty lousy programming. cosmicone Oct 2012 #4
Exactly. Whatever happened to record locking? mikeytherat Oct 2012 #5
Can Citibank make money in 60 seconds? DoBotherMe Oct 2012 #7
Or security costs money they'd rather funnel to themselves than the 99%. nt Doremus Oct 2012 #10
I'm guessing Kelvin Mace Oct 2012 #9
Comp Sci 101 htuttle Oct 2012 #12
They stole the money that Citibank stole from the taxpayers during the bailout. olddad56 Oct 2012 #6
I want to know more about this "security gap" dixiegrrrrl Oct 2012 #8
I bet we see... PopeOxycontinI Oct 2012 #11
I know it's tantamount to supporting vigilante justice, Volaris Oct 2012 #13
Time to send in... KansDem Oct 2012 #14
 

cosmicone

(11,014 posts)
4. It is pretty lousy programming.
Wed Oct 31, 2012, 01:04 PM
Oct 2012

When one transaction opens, it should lock the account until it is complete before another transaction can be started whether in 60 seconds or not.

 

Kelvin Mace

(17,469 posts)
9. I'm guessing
Wed Oct 31, 2012, 02:25 PM
Oct 2012

based on when I worked installing PCs in banks and got to ask lots of questions of the ATM guys that they are sacrificing security for speed. But, this all begs the question: Why is the source code for ATMs on the net? Didn't Diebold learn anything with the voting machine fiasco?

htuttle

(23,738 posts)
12. Comp Sci 101
Wed Oct 31, 2012, 05:55 PM
Oct 2012

Writing a simple transaction engine that locks the account and avoids issues like this is often one of the class assignments.

Guess the ATM programmers didn't take that class?
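The account locking that replies #4 and #12 describe, as an added example that is not part of the thread or the article: a toy ledger comparing an unlocked check-then-debit withdrawal with one where a lock covers both steps. All names, amounts and the posting delay are constructed, and it assumes the gap was a check-then-debit race, which the article does not confirm.

```python
import threading
import time

POSTING_DELAY = 0.2  # constructed stand-in for the gap between approval and posting


class Account:
    def __init__(self, balance):
        self.balance = balance
        self.lock = threading.Lock()

    def withdraw_unlocked(self, amount):
        # Check-then-act with no lock: every concurrent request sees the old balance.
        if self.balance < amount:
            return False
        time.sleep(POSTING_DELAY)      # approval granted, debit not yet posted
        self.balance -= amount
        return True

    def withdraw_locked(self, amount):
        # The lock covers the check AND the debit, so requests are serialized.
        with self.lock:
            return self.withdraw_unlocked(amount)


def simulate(locked, kiosks=5, deposit=100, amount=100):
    """Fire `kiosks` simultaneous withdrawals; return (cash paid out, final balance)."""
    account = Account(deposit)
    method = account.withdraw_locked if locked else account.withdraw_unlocked
    approved = []
    start = threading.Barrier(kiosks)

    def kiosk():
        start.wait()                   # release all requests at the same moment
        if method(amount):
            approved.append(amount)    # list.append is thread-safe in CPython

    threads = [threading.Thread(target=kiosk) for _ in range(kiosks)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return sum(approved), account.balance


if __name__ == "__main__":
    print("unlocked:", simulate(locked=False))  # pays out several times the deposit
    print("locked:  ", simulate(locked=True))   # pays out the deposit once
```

A real ledger would enforce the same property in the database, for example with a row lock or a conditional update inside one transaction, rather than with an in-process lock.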

PopeOxycontinI

(176 posts)
11. I bet we see...
Wed Oct 31, 2012, 03:56 PM
Oct 2012

a lot of this shit after Sandy. Lots of people camping out at unsecured wi-fi spots. Easy for a hacker to get your shit that way.

Volaris

(10,274 posts)
13. I know it's tantamount to supporting vigilante justice,
Wed Oct 31, 2012, 06:18 PM
Oct 2012

but honestly, I almost can't feel bad for Citibank. Fuck em.
