Computer Crime Research Center


3 minutes to get your cash

Date: March 09, 2005
By: Nicky Hager

A New Zealand computer hacker has accessed the private bank accounts of dozens of unsuspecting Kiwis, showing how easy it is to break into our internet banking system.

The hacker installed software in a Wellington internet cafe that allowed him to gather the user names and passwords of people banking online at the cafe.

Details of the incomes, savings and spending patterns of numerous Westpac, BNZ, ANZ, ASB, National, Kiwibank and PSIS customers were accessed, and police are warning the 1.36 million Kiwis who bank online that it is a "very risky" way of banking.

It took the hacker just three minutes to install the hidden software last month, and in the following weeks he accessed accounts with balances totalling more than $500,000.

You are equally at risk at home, as the software can infiltrate your computer via a rogue virus in an email attachment or when you visit an apparentely normal, but dodgy, website.

One bank has made a confidential settlement to one customer, an Auckland man, who lost $20,000 in one such sting last year.

The New Zealand hacker, known as "bofn", gained access to the bank accounts to highlight the lax security around internet banking. He said he had tried to tell his bank how poor its security was compared with banks in Europe, but he got nowhere "waiting in telephone queues and being fobbed off by disinterested bank staff".

He decided instead to use his computer skills to demonstrate the problem.

Consumers' Institute director David Russell warns people to be "incredibly vigilant" at tracking their internet banking transactions because, "with the majority of big banks the system is not as secure as it should be".
Original article

Add comment  Email to a Friend

Discussion is closed - view comments archieve
2006-01-22 15:26:54 - oye man me podes dar jarek de cash villa warnes
2005-11-02 09:43:58 - Thank you for the information! Pisho
2005-03-30 22:54:44 - que me mande ami msn el hacker de cash diego
Total 3 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo