Wednesday, 23 December 2009

Cyber-thieves ‘steal millions from Citibank’

Russians used Black Energy software to block websites and discover passwords

LAST UPDATED 11:28 AM, DECEMBER 22, 2009

The Russian Business Network, a well-known gang of Russian cyber-thieves, is suspected of stealing millions of dollars from Citibank in a year-long scam that was only detected last summer when the FBI and the ultra-secret National Security Agency detected suspicious traffic from security-flagged computers in Russia.

It is not yet clear how much the thieves got away with, or if they gained access to Citibank's systems directly or through a third party. But, says the Wall Street Journal, the incident underscores the blurred lines between the criminal and national-security threats in this new area of enterprise.

Joe Petro, managing director of Citigroup's Security and Investigative services, denies there has been any intrusion. "We had no breach of the system and there were no losses, no customer losses, no bank losses. Any allegation that the FBI is working a case at Citigroup involving tens of millions of losses is just not true."

However, banks are typically loath to confirm instances of electronic crime. Still, it goes on. Last month, prosecutors in Atlanta named eight suspected Russian and Eastern European hackers, most still at large, who they say broke into a US unit of Royal Bank of Scotland in 2008 and stole $9 million from ATMs in 280 cities world-wide in a matter of hours. The FBI says electronic theft exceeded $260 million in the US last year and attacks are on the increase.

People knowledgeable about the latest alleged incident say the hacker used software called Black Energy, a program developed by a Russian hacker who goes by the name of Cr4sh, that is used to block websites and then steal banking credentials and passwords. "There were some sophisticated elements that made it hard to block," said a Wall Street Journal source.

The new technology allows hackers to transfer money from one bank into accounts thousands of miles away - in this case, Latvia and the Ukraine - and gives authorities little time to act.

Robert Blanchard, a New York businessman, says more than $1 million was transferred from his account to accounts in Latvia in a matter of moments. "Even the bank can't act as quickly as these guys," Blanchard said.

Investigators discovered that a computer at Blanchard's firm had been infected with Black Energy. Citibank declined to comment on the incident, saying only that customers were "not liable for any unauthorised use of their accounts".

Filed under: Cyberwar, cybercrime, Banking, banks, Fraud