Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Security / Hacking News

Hacking News

Hackers Take the US Banking Industry by Storm

Citibank and Microsoft to blame?

By George Craciun, Security News Editor

2nd of July 2008, 12:33 GMT

Adjust text size:


Hackers target Citibank ATMs
Enlarge picture
Three hackers, Yuriy Rakushchynets, Ivan Biltse and Angelina Kitaeva, managed to get access to Citibank ATM machines placed in 7-Eleven stores and steal $2 million. Citibank is not the only one to blame since the entire system is owned and operated alongside two other companies (Cardtronics Inc. and Fiserv Inc.). All the attacks took place from September 2007 until March the current year. The hackers are just now being brought to justice, all of them being charged with conspiracy and fraud.

It seems that the hackers managed to acquire the PIN numbers of numerous Citibank customers by targeting the back-end computers that determine whether a withdrawal is legitimate or not. They did not attack the ATM itself, but a 3rd party processor. The exact number of clients affected by the hackers is yet to be determined. What we do know is that a total of 5,700 Citibank ATMs are placed in 7-Eleven shops all across the US.

Citibank representatives have declined to comment in regard to how the hackers were successful. This statement was issued: "We want our customers to know that, consistent with legal requirements, we do not hold them responsible for fraudulent activity in their accounts". If you are a Citibank customer and this affects you, the bank will most likely contact you with detailed info as well as issue you a new debit card.

The Microsoft Corporation has also come under scrutiny because the Windows OS is used as a building block for the ATM infrastructure. The bank can remotely access the ATM and diagnose it or even repair it. The network must be set up in a secure way and all PIN numbers must be kept confidential. There are industry standards in this regard, but not all financial institutions follow them.

Avivah Litan, security consultant with Gartner (a company that specializes in providing IT management solutions) had this to say: "PINs were supposed to be sacrosanct - what this shows is that PINs aren't always encrypted like they're supposed to be. The banks need much better fraud detection systems and much better authentication."

TAGS:

 hacking | Microsoft | financial


Rating:
NOT RATED 0 vote(s) so far    

Read by 814 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Valve Hacker Caught by Police Forces

iPhone and Blackberry Devices on the Spammers' List

SecureWorks Warns European Banks of Spam Related Scams

British Researchers Show Off Password Security System

Web Browsers Put Half the World's PCs at Risk

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive