mailing list archives
Re: [PEN-TEST] Citibank (Last details)
From: "J. Oquendo" <intrusion () ENGINEER COM>
Date: Sun, 5 Nov 2000 13:54:49 -0500
Sorry for flying off a bit on the "Citibank" posts. Anyways what was happening on the actual hacks was, Citibank
employees along with the FBI were monitoring the hackers from the first time they were detected. What had happened was
the hackers, weren't able to be traced immediately and they were separated off of the normal network and a makeshift
network was replicated to keep them coming back.
This network was an exact replica of the original machine and was put in place as a honeypot to trap the hackers. The
agents and Citibank staff allowed funds to be transfered while attempting to locate the hackers since they (the
hackers) were not your typical kind of compgeeks.
Upon every login the intruders would transfer minimal amounts of funds from various accounts in an effort to circumvetn
detection via means of the SEC $10,000 rule. Once the identities were established they were apprehended and the money
was recovered. According to my friend who was one of the staff there at the time, he would have to work at x times of
day and night along with agents until they arrested the criminals.
I wish I could provide you with solid documented details but I doubt the FBI would allow such information regarding
their methods be posted.
Anyways media's misreporting (as always) blew the case way off proportion and took the limelight away from hackers who
broke into another bank during the same exact timeframe the feds were working on the Citibank case. It was THIS case in
which hackers nor the money was every recovered as I understand.
sil () antioffline com || sil () disgraced org
sil () siliconinc net || sil () deficiency org
FREE Personalized Email at Mail.com
Sign up at http://www.mail.com/?sr=signup
- Re: [PEN-TEST] Citibank (Last details) J. Oquendo (Nov 06)