Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Crime The Almighty Buck Input Devices United Kingdom

Another British Bank Hit By KVM Crooks 75

judgecorp writes "Another British bank — Barclays — has been hit by a fraud attempt using a stealthily-planted KVM (keyboard, video, mouse) device. Unlike the previous attempt on Santander, the crooks got away with £1.3 million, but were subsequently apprehended by the Metropolitan Police's Central e-Crimes Unit."
This discussion has been archived. No new comments can be posted.

Another British Bank Hit By KVM Crooks

Comments Filter:
  • Makes you wonder how many other times has this been done where the crooks got away scott free and the bank just didn't want to go public about it?

    • by AHuxley ( 892839 )
      Time for the buddy system for all staff or contractors :)
      As for the numbers, the KVM teams only have to be lucky once – the bank will have to be lucky always.
    • Well, for the most part, the thefts have only involved tiny fractions of pennies normally lost due to rounding errors, so usually they don't get caught...
      • by Nyder ( 754090 )

        Well, for the most part, the thefts have only involved tiny fractions of pennies normally lost due to rounding errors, so usually they don't get caught...

        https://en.wikipedia.org/wiki/Superman_III [wikipedia.org]

        Ya, Richard Pryor ftw.

        • The real life incident occurred in the 1970's. A technician realized that the rounding errors were money that could be stolen so he rewrote the rounding code so that everything from the sixth digit to the right of the decimal point were transferred to his account before the rounding operation that now essentially did nothing. This method left no trace and everything balanced out perfectly, except for one thing. Regular bank accounts were represented using a limited number of bits and the balance on his acco

    • Re:The Question is (Score:5, Interesting)

      by abigsmurf ( 919188 ) on Saturday September 21, 2013 @04:22AM (#44910611)
      Apparently about 2/3rds of crooks get away with it. The ones who do are the ones who do a one off of $500,000 or so and the banks decide it's better to absorb the loss then to go to the police and take the PR and resources hit that goes with it. The ones who do get caught are the ones who get greedy and do it multiple times or go for too much. There was an interview on Radio 4 talking about it (may have been the catch-me-if-you-can guy, can't remember for sure).
    • by slick7 ( 1703596 )
      Just like the banksters to use this excuse as a means of covering their tracks whe customers accounts are emptied. And banksters wonder why I refuse to use online banking.
    • Makes you wonder how many other times has this been done where the crooks got away scott free and the bank just didn't want to go public about it?

      Makes me wonder how many times it happened and the operator who's login was used got the blame.

  • ... to good old security? You know, checking who gets into the staff premises of a bank?

    I bet they thought it was a low risk area, because it was only handling "data". But "data" is money...

    • Some times the works don't get staff ID's or it can be easy to say I got a call just now to come out or just show some paper work that looks like an work order. And they can say the system placed the call on it's own.

    • by mjwx ( 966435 )

      ... to good old security? You know, checking who gets into the staff premises of a bank?

      I've worked on government high security sites and corporate high security sites.

      Only the former is really secure. The latter will eschew security for money.

      At the government site (not a military site) a sub contractor who didn't have ID or was listed on the work order was denied access by the security guards. He and his boss yelled and screamed until some AFP officers (Australian Federal Police) appeared out of a hidden door and escorted them out. Conversely, I've seen people into "highly secure" data

  • Looks like a KVM-over-IP box, possibly. But those don't have video passthrough, so it'd be detected in no time at all. I can see how such a scam could work (KVM-over-IP + access point + VGA splitter), but not with the hardware described. You'd have to depend on employees leaving their station unlocked, but that is going to happen sooner or later.

    I'm not sure if this is a deliberate Met policy of withholding the details of crimes to prevent imitation, or just non-technical reporting trying to express complic

    • Yea "KVM-over-IP box, possibly. But those don't have video passthrough," you might want to recheck around the web cause they do. Just took me a whole 2sec google search to fine like 5 of them that will do video as well. Softlayer which is a large host provider (for people that don't know) they have kvm over ip set on their network as well.
    • by Anonymous Coward

      This would do the trick and is pretty small :) http://www.lantronix.com/it-management/kvm-over-ip/spiderduo.html

    • You don't need video passthrough if you have a VGA splitter cable. One end to the monitor, one to the KVM over IP unit. http://www.minipc.de/catalog/il/858 [minipc.de]

      That's if you haven't gone for the unit linked in one of the responses below that has passthrough.

    • by Bert64 ( 520050 )

      You'd be better off with a regular wireless access point that includes a built in switch...
      Drop it in between an existing workstation (or other networked device like a printer) and the wall, legit device keeps working but the lan is now extended outside and you can sit outside or in a nearby coffee shop.

      Once your on the internal network, the rest is absolutely trivial... A port scanning tool and a copy of metasploit, you'll have domain admin within a few minutes and chances are even if the important stuff i

      • Except this is a bank - they probably have a little more security than that. Like 802.1x, which makes that process a little bit trickier, and the appearance of an unauthorised MAC is likely to trigger an IDS alert so you may need to hack the AP to make sure it stays quiet and lets you spoof a workstation.

    • It's probably more like a glorified "keylogger"

      A simple KVM box with one of those low powered credit card PC's fitted inside, stick in a rechargeable battery and wire it to draw power from the usb input, It sits there day after day recording key strokes and mouse movements with the odd screen grab. the on board PC then compresses it in to manageable chunks of zips, rars or tar's and waits for one of the gang to walk into the Bank at a busy time of the day. Then it sends it to a receiver via wifi in the croo

  • Can we rename it VKM, so that it doesn't conflict with Kernel-based Virtual Machine?
    • Re:Ugh... (Score:5, Insightful)

      by _merlin ( 160982 ) on Saturday September 21, 2013 @04:17AM (#44910597) Homepage Journal

      KVM switches have had that name since at least the early '90s. How about Linux developers check to see that the aren't causing naming conflicts when they christen their projects?

      • To be fair, this cloudy out-of-your-control virtual nonsense has been around since the '60s. But then we called it a virtual machine monitor (VMM).

        Has anyone stopped to think how poorly systems are now architected that each person has gone back to feeling they need a whole piece of virtual hardware to themselves? Regression - it's not just economic.

  • Users (Score:5, Interesting)

    by Skiron ( 735617 ) on Saturday September 21, 2013 @07:17AM (#44911013)
    When I was syadmin a few years ago, I really used to get SO bloody angry with the maintenance guys, as they used to call in photocopy machine engineers when the things went wrong. Of course, they never informed the IT department (ME!), so all of a sudden, when I was going somewhere, I saw an 'unknown' guy hooked up with a laptop on the companies network *.

    No matter WHAT I told them about security, it didn't matter - a working photocopier was more important than security.

    This is obviously a similar situation - some 'official looking' technical guy turns up, tells a few porkies, and the staff just let him get on with it without any checks.

    * I later coded a short perl script to send me a mail when an unknown MAC connected to the LAN.
    • by antdude ( 79039 )

      It bugs me why IT people don't handle printer, copy, and fax machine issues (e.g., changing cartridges) at my huge workplace. They use maintenance guys.

  • Because they used an electronic gadget in the commission of a crime? This was a social engineering ploy, the tech played a minor role. Even TFA (yes, I read it) explained that the technology involved was "crude."

    The "tech expert" they interviewed is just adding fuel to the idiot fire by explaining that antivirus won't help, giving undeserved credence to the notion that this was a technological attack.

    Stop prefixing e- and cyber- and other bullshit to make yourself sound modern because you actually sound l

  • It is funny how the media reports it as a sophisticated attack with criminal masterminds as they don't want you to know that it is something that pretty much anybody with a little tech understanding could do. They are only reporting this one because they were such clever criminal masterminds that they got caught doh! Anyone with the courage to go in to a bank masquerading as in IT contractor could plug such a device into a PC. In fact I'm sure many geeks could come up with a far less obvious solution fitte
    • It is funny how the media reports it as a sophisticated attack with criminal masterminds as they don't want you to know that it is something that pretty much anybody with a little tech understanding could do. They are only reporting this one because they were such clever criminal masterminds that they got caught doh!

      I'm sure it's also that they want it to seem that the police are complete tech geniuses that can thwart any crime, no matter how much of a "criminal mastermind" the perpetrator is. In reality, of course, they're just as incompetent as the criminals for the most part.

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...