Wednesday, January 19, 2005

"Man in the Middle" reported busted in Latvia

My sources tell me that someone pulled a "man in the middle" hack on a Latvian bank and an internet service provider, but got burned for it. Awaiting confirmation from the Economic Police that they have someone under arrest.
The «man in the middle» works as follows:
The hacker uses a nasty tool (CAIN or something like that) to corrupt the address resources of an internet service provider. He puts up a clone of a popular internet banking homepage.
The innocent internet bank customer starts to log on to his bank and thinks all is well, since he gets a secure SSL link, though not to his bank but to the clone.
As soon as he starts to log on to the clone, where the malevolent hacker sees the customer's information «in the clear», the hacker uses it to log onto the real internet banking page. When, as at some Latvian internet banks, the real bank site asks at random for a code from a preprinted card ("please enter code 6"), the hacker passes the request on to the unwitting customer, who provides the code, allowing the hacker to log on to the real bank account and start stealing.
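An added toy model of the relay just described (not from the post or any bank's system): the random "enter code N" request can be forwarded through the clone because nothing in the code ties it to a particular transfer, whereas a code computed over the transfer details, which the customer sees on a token or card reader before confirming, fails verification unless the details the customer saw are the ones the bank received. The code card, the shared secret and the account numbers are constructed values.

```python
import hashlib
import hmac
import random

# Constructed 20-entry code card of the kind the post describes (toy values, not a real card).
CODE_CARD = {i: f"{(i * 7919) % 10000:04d}" for i in range(1, 21)}
# Constructed secret shared by the bank and the customer's signing token (assumption).
CARD_SECRET = b"constructed-secret-shared-by-bank-and-customer-token"


def relay_card_code(attacker_account, amount=1000):
    """Real bank asks for one card entry at random; the clone forwards the prompt to the
    customer and the customer's answer back. The code says nothing about whose transfer it is,
    so the bank accepts it for the attacker's transfer."""
    index = random.randint(1, 20)
    prompt = f"please enter code {index}"                # shown verbatim on the clone
    answered = CODE_CARD[int(prompt.rsplit(" ", 1)[1])]  # customer reads it off the card
    return answered == CODE_CARD[index]                  # True: bank executes the transfer


def transaction_code(secret, to_account, amount):
    """Code bound to the transfer details (a token or card reader shows them before signing)."""
    msg = f"{to_account}:{amount}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:8]


def customer_signs(displayed, intended):
    """The customer signs only a transfer they actually meant to make."""
    if displayed != intended:
        return None                                      # refuses: not my transfer
    return transaction_code(CARD_SECRET, *displayed)


def relay_bound_code(intended, attacker_account, amount=1000, clone_shows_truth=False):
    """Same relay against a transaction-bound code. The clone can display anything, so it
    either shows the attacker's real transfer (customer refuses) or the customer's intended
    one (customer signs, but the bank verifies against the transfer actually submitted)."""
    submitted = (attacker_account, amount)               # what the attacker sends the bank
    displayed = submitted if clone_shows_truth else intended
    answered = customer_signs(displayed, intended)
    if answered is None:
        return False
    expected = transaction_code(CARD_SECRET, *submitted)
    return hmac.compare_digest(answered, expected)       # only True when displayed == submitted
```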
The hacker had apparently been a pest to the ISP for a long time, and now, with a serious crime committed or at least attempted, both the ISP and the bank are glad to have him/her put away.
Apparently, this rather sophisticated type of cybercrime has occurred elsewhere around the world, including Estonia. No bank is likely to confirm that it has been victimized. Nor is an ISP likely to put out a proud press release on how it was hacked.


7 comments:

Anonymous said...

Hanzanet/apollo.

Anonymous said...

hanzanet/apollo

Juris Kaža said...

Well, your guess is as good as mine :) :)

Anonymous said...

Juris, Your info is totally wrong... Only this phrase is true: "The hacker uses a nasty tool (CAIN or something like that) to corrupt the address resources of an internet service provider."

Regards,
chromel

Anonymous said...

And actually, provider was not Apollo :-P

chromel

Juris Kaža said...

Chromel,
My info is from two knowledgeable sources who I have reason to believe know what they are talking about in the area of cybersecurity. What do you mean by wrong? The description of how the crime was done, or the claim that there was any crime at all (or an attempted crime)? If you are Latvian, or read Latvian, you can check out Dienas bizness, January 27 (the paper edition has a diagram). I finally wrote the story after the second source turned up.

Anonymous said...

Well...
What is wrong is the description of how THIS crime was done. Actually, the fraud scheme you wrote about in DB is really possible, but not in THIS case.
I believe your information sources are very knowledgeable, but... this crime was done in a much simpler way.

Chromel