Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Citibank (Last details)
From: "J. Oquendo" <intrusion () ENGINEER COM>
Date: Sun, 5 Nov 2000 13:54:49 -0500

Sorry for flying off a bit on the "Citibank" posts. Anyways what was happening on the actual hacks was, Citibank 
employees along with the FBI were monitoring the hackers from the first time they were detected. What had happened was 
the hackers, weren't able to be traced immediately and they were separated off of the normal network and a makeshift 
network was replicated to keep them coming back.

This network was an exact replica of the original machine and was put in place as a honeypot to trap the hackers. The 
agents and Citibank staff allowed funds to be transfered while attempting to locate the hackers since they (the 
hackers) were not your typical kind of compgeeks.

Upon every login the intruders would transfer minimal amounts of funds from various accounts in an effort to circumvetn 
detection via means of the SEC $10,000 rule. Once the identities were established they were apprehended and the money 
was recovered. According to my friend who was one of the staff there at the time, he would have to work at x times of 
day and night along with agents until they arrested the criminals.

I wish I could provide you with solid documented details but I doubt the FBI would allow such information regarding 
their methods be posted.

Anyways media's misreporting (as always) blew the case way off proportion and took the limelight away from hackers who 
broke into another bank during the same exact timeframe the feds were working on the Citibank case. It was THIS case in 
which hackers nor the money was every recovered as I understand.

Jesus Oquendo
sil () antioffline com || sil () disgraced org
sil () siliconinc net  || sil () deficiency org

FREE Personalized Email at Mail.com
Sign up at http://www.mail.com/?sr=signup

  By Date           By Thread  

Current thread:
  • Re: [PEN-TEST] Citibank (Last details) J. Oquendo (Nov 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]