CitiBank Denies Losing Millions To Russian Hackers

Saturday, November 13, 2010

Headlines

69dafe8b58066478aea48f3d0f384820

Authentication credential stealing malware called "Black Energy" was reported to have been used to pilfer millions of dollars earlier this year form CitiBank, the banking arm of CitiGroup.

Reports from several news organizations suggest the infamous "Russian Business Network" is behind the heist, and that the FBI has begun investigating the theft, though officials at CitiGroup have denied the events ever took place.

“Any allegation that the FBI is working on a case at Citigroup involving a breach of Citi systems resulting in tens of millions of dollars of losses is false,” CitiGroup said. “There has been no breach and there have been no associated losses.”

A former member of the World Bank's security team stated that the vast majority of heists targeting large institutions are being conducted virtually, and that the financial sector is "hemorrhaging funds".

This is not the first big heist to be reported and denied by the financial industry, and it certainly will not be the last. Criminal networks methodically probe for weaknesses in networks, and regularly exploit vulnerabilities in systems at every level.

Once a vulnerability is identified, criminal networks can either move swiftly and in a highly coordinated manner to siphon funds in a matter of hours, or slowly over a long period of time to avoid detection.

Source: http://www.freehacking.net/2010/11/russian-hackers-hacks-citibank-steal.html

Possibly Related Articles:
7360
Breaches
breaches Hacking Banking Headlines Russian Business Network
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.