Israeli International ATM Hacker Tenenbaum Arrested

Source: 岁月联盟 Editor: zhuzhu Date: 2009-03-27

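  An Israeli hacker was arrested in Canada in September 2008 for hacking into a Canadian credit and debit card issuer and siphoning cash out of accounts. He has also been linked to several data breach incidents at financial institutions across the United States, and his actions caused losses of 10 million dollars.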

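  His real name is Ehud Tenenbaum, an Israeli hacker who gained international notoriety in 1998, when he was identified as the leader of a gang that broke into computer systems belonging to the U.S. Department of Defense, NASA, the U.S. Air Force and Navy, the Israeli Parliament, the Presidency, Hamas, MIT, and other U.S. and Israeli universities.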

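  For these acts, Tenenbaum received a six-month suspended sentence in Israel, was ordered to perform six months of community service, and was fined $18,000. He was subsequently hired by a local company as a security consultant, then moved to France for several years, and in March 2008 entered Canada on a six-month visitor's visa.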

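  The 29-year-old hacker set up shop in Montreal, where he started a so-called security consultancy named Internet Labs Secure. In September 2008 he was arrested by the Canadian authorities, along with his fiancée Priscilla Mastrangelo, his business partner Sypros Xenoulis, and one Jean Francois, on charges of conspiracy to commit access device fraud.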

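  According to investigators, Tenenbaum broke into the computer network of Direct Cash Management in Calgary, Alberta, and artificially inflated the balances of prepaid debit card accounts held by his accomplices. The gang then withdrew about $1.7 million from ATMs in Canada and the United States using those cards.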

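  Tenenbaum's accomplices were released on bail, but the U.S. authorities submitted a provisional arrest warrant to their Canadian counterparts asking that he be kept in custody. According to the warrant, they were building a strong case against the hacker and would pursue extradition. No other details were disclosed, and the case has been sealed in the United States.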

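  However, Wired obtained an affidavit filed with the Canadian court handling the hacker's case, signed by Darren Hafner, a detective with the Calgary police. The document describes Tenenbaum's criminal activity and the U.S. financial institutions he targeted.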

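  The U.S. Secret Service has linked the Israeli hacker to data breaches in January 2008 at OmniAmerican Credit Union in Fort Worth, Texas, and at Global Cash Card in California. Two similar incidents in May 2008, affecting Symmetrex, a Florida-based transaction processor, and 1st Source Bank in Indiana, were also attributed to him.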

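  According to the authorities, these attacks were only part of a larger global operation. Tenenbaum gained unauthorized access to the networks in order to reach their ATM databases, from which he extracted credit card information and modified bank accounts. The details were then passed to accomplices abroad who created fake cards, which "money mules" then used to withdraw cash from ATMs.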

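  Investigators intercepted traffic, including instant messaging sessions between Tenenbaum and his fellow hackers, from a server hosted at HopOne Internet Corp in McLean that had been used in their operations. The chats revealed that ATMs had been hit in Russia, Turkey, the United States, Canada, Sweden, Bulgaria and Germany, and that "the Analyzer" received 10-20% of the illegal proceeds. In one such discussion he also bragged about hacking into the servers of Alpha Bank, the largest bank in Greece.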

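  The Windows Live ID used in the MSN Messenger conversations was analyzer22@hotmail.com. According to logs obtained by the authorities, this e-mail address was accessed from IP addresses assigned to the Montreal office of Internet Labs Secure, Tenenbaum's company. His real name and date of birth were also used to create the address. In addition, the Global Cash Card network was accessed from the same IP address, investigators claim.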

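  It is intriguing that a hacker of Tenenbaum's ability would not take the most basic measures to cover his tracks. Darren Hafner believes this is explained by the arrogance he built up over time. "I think he's probably been getting away with stuff for 10 years. We haven't seen or heard from him since the Pentagon attack. But these guys tend to get this 'cops can't touch me attitude' and then they get sloppy like any criminal in any type of crime," the detective explained.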

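  A total of $10 million in losses is mentioned, but the losses reported by the affected U.S. financial institutions add up to only about $4 million. It is not clear where the rest comes from, but in another instant messaging session the hacker allegedly told a foreign accomplice that he had earned "350 - 400" (thousands of dollars or euros) from the Symmetrex hack in less than 24 hours.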

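  If convicted on all charges, Tenenbaum faces a very long prison sentence, but he is not the most proficient fraudster out there. The November 2008 data breach at the RBS WorldPay payment processor revealed what is probably the most sophisticated credit card fraud operation ever carried out: $9 million in cash was withdrawn from 130 ATMs in 49 cities around the world within a 30-minute window, using only 100 compromised cards whose limits the hackers had raised.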

  Compiled by 黑客基地: http://news.softpedia.com/news/10-Million-Stolen-by-Notorious-Israeli-hacker-107812.shtml

  Original text:

  Evidence is piling up against "the Analyzer," an Israeli hacker who was arrested in Canada in September 2008 for hacking into a Canadian credit and debit card issuer and siphoning cash out of the compromised accounts. According to an affidavit (PDF) obtained by Wired, authorities in the U.S. also linked him to several data breach incidents at financial institutions across the country, his actions causing losses of 10 million dollars.

  The Analyzer, real name Ehud Tenenbaum, is an Israeli hacker who achieved international fame in 1998, when he was identified as the leader of a gang that hacked into computer systems belonging to the Pentagon, NASA, the U.S. Air Force and Navy, the Israeli Parliament, the Presidency, Hamas, MIT, as well as other U.S. and Israeli universities.

  For these actions, Tenenbaum received a six-month suspended prison sentence in Israel, was ordered to perform six months of community service and was fined $18,000. Subsequently, he was hired by a local company as a security consultant, then moved to France for several years, and entered Canada on a six-month visitor's visa in March 2008.

  The 29-year-old hacker set up shop in Montreal, where he started a security consultancy company called Internet Labs Secure. He was arrested by the Canadian authorities in September 2008, along with his fiancee Priscilla Mastrangelo, his business partner Sypros Xenoulis, and one Jean Francois Ralph, on charges of conspiracy to commit and committing access device fraud.

  According to the investigators, Tenenbaum hacked into the computer network of Direct Cash Management in Calgary, Alberta, and artificially inflated the accounts of pre-paid debit cards acquired by his accomplices. The gang then withdrew around $1.7 million from ATMs across Canada and the U.S., using the cards.

  Tenenbaum's accomplices got out on bail; however, the U.S. authorities submitted a provisional warrant to their Canadian counterparts to extend his custody. According to the brief warrant, they were building a strong case against the hacker and were going to pursue extradition. No other details have been disclosed and the case has been sealed in the U.S.

  However, Wired got its hands on an affidavit submitted to the Canadian court handling the hacker's case, signed by Darren Hafner, a detective with the Calgary police. The document reflects the extent of Tenenbaum's cybercriminal activities and names several U.S. financial institutions targeted by him.

  The U.S. Secret Service has linked the Israeli hacker to data breaches that occurred during January 2008 at OmniAmerican Credit Union of Fort Worth, Texas, and at Global Cash Card in Irvine, California. Two other similar incidents, dated May 2008, that affected Symmetrex, a Florida-based transaction processor, and 1st Source Bank in Indiana were also attributed to him.

  According to the authorities, these attacks were part of a larger global operation. Tenenbaum was hacking into the networks and obtaining unauthorized access to their ATM databases, from where he extracted credit card information and made changes to bank accounts. The details were then passed on to accomplices in foreign countries who created fake cards that were subsequently used by "money mules" to withdraw cash from ATMs.

  The investigators intercepted traffic, including instant messaging conversations between Tenenbaum and his fellow hackers, from a server hosted at HopOne Internet Corp in McLean, Virginia, that had been used in their operations. The chat sessions revealed that ATMs had been hit in Russia, Turkey, the United States, Canada, Sweden, Bulgaria, and Germany and that "the Analyzer" was receiving 10-20% of the illegal revenue. In one such discussion, he also bragged about hacking into the servers of Alpha Bank, the largest bank in Greece.

  The Windows Live ID used in the MSN Messenger conversations was analyzer22@hotmail.com. According to logs obtained by the authorities, this e-mail address was accessed from IP addresses assigned to the Montreal office of Internet Labs Secure, Inc., Tenenbaum's company. His real name and birth date were also used to create the address. Furthermore, the network of Global Cash Card was accessed from the same IP address, the investigators claim.

  It is quite intriguing that a hacker of Tenenbaum's caliber would not take the most basic measures in order to cover his tracks. Darren Hafner thinks this is explained by the arrogance that he built up over time. "I think he's probably been getting away with stuff for 10 years. We haven't seen or heard from him since the Pentagon attack. But these guys tend to get this 'cops can't touch me attitude' and then they get sloppy like any criminal in any type of crime," the detective commented to Wired.

  The affidavit mentions a total of $10 million in losses, but the damages reported by the affected U.S. financial institutions only add up to about $4 million. It's not clear where the rest come from, but in another IM session the hacker allegedly told one of his foreign accomplices that he had earned between "350 - 400" (thousands of dollars or euros) in less than 24 hours from the Symmetrex hack.

  If found guilty of all charges, Tenenbaum risks a very lengthy prison sentence, but he is not the most proficient fraudster out there. A November 2008 data breach at the RBS WorldPay payment processor revealed probably the most complex credit card fraud operation ever carried out: $9 million was cashed out from 130 ATMs, located in 49 cities across the globe, during a 30-minute window, using only 100 compromised cards that had their limit raised by the hackers.

Keywords: hacker