[ISN] Bank attack used key-loggers costing just £20

InfoSec News isn at c4i.org
Thu Apr 21 01:25:00 EDT 2005


Peter Warren
20 April 2005

The hacker attack on Sumitomo Mitsui bank last month involved the use
of keyboard logging devices costing as little as £20 each, according
to sources close to the investigation.

Computing has learned that the attempt to steal an estimated £220m
from the London office of the Japanese bank relied on battery-sized
hardware bugging devices plugged into PCs? USB ports.

Users? keyboards were connected to these key-loggers, which recorded
details of everything typed into the system.

Sources claim that cleaning staff ? or people posing as cleaners ?  
were able to attach the devices to machines. When the plot was
uncovered, bank investigators found some of the devices still attached
to the back of PCs.

The bugging kits, known as hardware key-loggers, can be bought from
spy shops for about £20.

They are difficult to detect unless someone physically examines the
back of the machine.

The devices can then download passwords and other data used to gain
access to the computer system.

"It is known that people have been using devices such as these because
you can buy them from shops. It is highly likely that they have been
used in other scenarios," said Paul Docherty, technical director of
consultancy Portcullis Computer Security.

Many banks are now believed to be permanently connecting keyboards and
other devices into their computers to prevent similar attacks. Sources
say some banks have also banned wireless keyboards in offices.

"This type of scam has been going on for a while. This is an old, old
issue, and people have been talking about it being a weakness for at
least two years now," said a source.

Sumitomo is now believed to have deployed sophisticated software that
monitors the electrical current in computer systems and can tell if
they are being tampered with. A spokesman for the bank declined to
comment on the investigation.

More information about the ISN mailing list