Computer Crime Research Center


Man stole $1,000,000 from the bank using laptop

Date: April 11, 2005
Source: Computer Crime Research Center
By: CCRC staff

ZAPOROZHYE, Ukraine (CCRC) - This case was an unusual one. Firstly, hacking appeared relatively not so long ago. Secondly, the criminal meaningly wanted to be found.

There is such a kind of people who are called born hackers. A PC is the best friend for them, they know everything about computers. And Stas was such a person. Having graduated from a technical school he found a work in the department of technical support of one of the major banks without any difficulties. After a while, his talent was fairly estimated and Stas became a chief of technical support department. But when the new higher management of the bank came, everything has changed. At first, Stas was "temporarily" suspended from the position of the chief of the department. New people were hired to the department where Stas used to work, no one recalled about a talented and hard-working guy. He was offered to get a non-existent position of deputy chief of another department. Stas wasn't involved in work where he was great.

Such attitude of the management to his work caused Stas to quit. But his pride and offence that he was not estimated as a high-class specialist vexed him very much. He wanted to prove his narrow-minded heads that he was the ace of aces in his work.

Many Ukrainian banks use "Client-Bank" system. This system allows you to transfer money from accounts of the clients to another accounts on-the-fly. The transfer is computer-facilitated. As Stas worked in bank, he often dealt with this system, knew many of its codes and passwords. At that, the young man understood that "Client-Bank" is far from perfect. A good computernik could hack it with no trouble.

Having retired, Stas wanted to draw attention of the former heads to such imperfect system. He decided to develop his own security system and to offer it to bank in order to get his old position back. The plan was as follows: to penetrate in the "Client-Bank" and to make minimum alterations. Someone in bank should notice that the system was hacked. In order to penetrate into the "Client-Bank", Stas used passwords and keys that he knew and the other codes that he picked up with the help of hacker websites. There one can find detailed cases of hacking into computer networks, methods of hacking and needed tools. Having picked up the necessary passwords, Stas periodically got in bank's computer systems and left signs. Technical personnel should have fixed it and alerted. But much to his surprise, no one has ever noticed his penetrations into the bank system!

Then the hacker complicated his plan: he decided to forge a payment order and to transfer a huge sum through the computer system. With the help of a laptop computer and a mobile phone with a built-in modem, Stas penetrated in the bank computer system about 30 times, reviewed documents, clients' accounts, movement on accounts. Soon he chose a victim: the money were transferred from the regional custom house to an account of non-existent firm.

Having obtained access to bank's computer system, Stas created computer payment order in which he transferred 5 million UAH (~$950,000) from the account of the custom house. A regional firm-bankrupt was the recipient of the transfer. We should notice that Stas knowingly made several mistakes in the payment order giving another chance for bank employees to notice that someone penetrated in their computer system. But workers that maintained the "Client-Bank" system didn't even notice any mistakes in the payment order and transferred 5 million UAH to the account of a fake company! Only then Stas understood that he got into a mess. He didn't want the bank to transfer money. Then it became a theft, not just a usual penetration. He turned to be a criminal.

In few hours after the money transfer, bank employees called to the custom house to request confirmation of the transfer. They were informed that no one transferred such a sum. The money were quickly returned to the account, and the Prosecutor Office filed a criminal case.

Early in 2005 Stas appeared in the court. He was charged on committing crimes violating part 2 of the Article 361 of the Criminal Code of Ukraine -- illegal interference with operation of computer system with causing damage -- and part 5 of the Article 185 -- grand theft. But since the money was returned to the owner and the bank computer system incurred minimum damage, the bank's management turned down any claims. So the charges were changed to illegal interference with operation of computer systems.

Stas is free now. But still he can't help thinking that his foolish idea grew into such big trouble. Harmless jokes led him to prisoner's box.

Add comment  Email to a Friend

Discussion is closed - view comments archieve
2005-09-17 11:51:49 - Your blog is realy very interesting. Sofia
2005-05-10 02:08:55 - i think the david are really sad and he... cowman
2005-05-10 02:00:55 - David comas is a sad child if he has to... Monkey child 2
2005-05-04 23:18:44 - cooliomonkey and david comas are gay lovers 321
2005-05-03 12:21:53 - who ever stole the money is a really... Cooliomonkey
2005-04-22 04:40:23 - i think monkey child is gay and he is a... david comas
2005-04-19 23:00:52 - funny playerfn
2005-04-15 07:49:19 - I believe this to be quite a humerous... monkey child
Total 8 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo