Saudi cops cuff four for mad bank card scam

Easy money


Four teenage Saudis have been arrested over a technically implausible ATM scam said to have netted US$533,000 (two million Saudi Riyals) over two years.

The unnamed youngsters from the Taif area of Western Saudi Arabia apparently discovered game cards from the local mall allowed them to withdraw the same amount of money as the last previous legitimate ATM customer. The Terminator 2-style trick only worked at the machines run by one particular bank which "used an old system", according to authorities.

Funds came straight out of the bank's reserves and not from those of the previous customer. Bank officials reportedly noticed the discrepancies and called in the police, who tracked down one of the miscreants using video records and photos taken by ATM cameras.

The arrest of one of the group led to the arrest of three of his cohorts, who had used their ill-gotten gains to buy five cars, various Japanese imports.

Local reports are technically sketchy and fail to explain how the ATM machines, however old they were, accepted game cards.

The only theory that comes to mind is that the game cards were in some way similar to maintenance cards used by engineers to service the machines. This doesn't seem at all likely, and it seems more plausible that some sort of ATM skimming and reprogramming of the game cards was involved in the scam. ®

Broader topics

Narrower topics


Other stories you might like

  • World Economic Forum wants a global map of online crime
    Will cyber crimes shrug off Atlas Initiative? Objectively, yes

    RSA Conference An ambitious project spearheaded by the World Economic Forum (WEF) is working to develop a map of the cybercrime ecosystem using open source information.

    The Atlas initiative, whose contributors include Fortinet and Microsoft and other private-sector firms, involves mapping the relationships between criminal groups and their infrastructure with the end goal of helping both industry and the public sector — law enforcement and government agencies — disrupt these nefarious ecosystems.  

    This kind of visibility into the connections between the gang members can help security researchers identify vulnerabilities in the criminals' supply chain to develop better mitigation strategies and security controls for their customers. 

    Continue reading
  • Cloud services proving handy for cybercriminals, SANS Institute warns
    Flying horses, gonna pwn me away...

    RSA Conference Living off the land is so 2021. These days, cybercriminals are living off the cloud, according to Katie Nickels, director of intelligence for Red Canary and a SANS Certified Instructor.

    "It's not enough to pay attention to the operating systems, the endpoints, said Nickels, speaking on a SANS Institute panel about the most dangerous new attack techniques at RSA Conference. "Adversaries, a lot of their intrusions, are using cloud services of different types."  

    And yes, living off the land (or the cloud), in which intruders use legitimate software and cloud services to deploy malware or spy on corporations and other nefarious activities, isn't a new type of attack, Nickels admitted. "But what's new here is the levels to which using cloud services [for cyberattacks] has risen." 

    Continue reading
  • Alibaba continues international expansion – adds two datacenters and a bank
    Bit barns in Saudi Arabia, all-digital bank in Singapore

    Alibaba's cloud business and financial services affiliate Ant Group has expanded further out of China this week, by opening a pair of datacenters in Saudia Arabia and a digital wholesale bank in Singapore.

    Alibaba Cloud and Saudi Telecom Company (STC) have opened two cloud services in Riyadh which will serve as a regional hub as part of a joint venture called the Saudi Cloud Computing Company (SCCC). STC confirmed the launch on Tuesday and the joint venture, SCCC, shared scenes from the launch.

    Other businesses playing a part in SCCC are eWTP Arabia Capital, the Saudi Company for Artificial Intelligence (SCAI), and the Saudi Information Technology Company (SITE).

    Continue reading
  • Microsoft seizes 41 domains tied to 'Iranian phishing ring'
    Windows giant gets court order to take over dot-coms and more

    Microsoft has obtained a court order to seize 41 domains used by what the Windows giant said was an Iranian cybercrime group that ran a spear-phishing operation targeting organizations in the US, Middle East, and India. 

    The Microsoft Digital Crimes Unit said the gang, dubbed Bohrium, took a particular interest in those working in technology, transportation, government, and education sectors: its members would pretend to be job recruiters to lure marks into running malware on their PCs.

    "Bohrium actors create fake social media profiles, often posing as recruiters," said Amy Hogan-Burney, GM of Microsoft's Digital Crimes Unit. "Once personal information was obtained from the victims, Bohrium sent malicious emails with links that ultimately infected their target's computers with malware."

    Continue reading
  • Cops' Killer Bee stings credential-stealing scammer
    Fraudster and two alleged accomplices nabbed in joint op

    An Interpol-led operation code-named Killer Bee has led to the arrest and conviction of a Nigerian man who was said to have used a remote access trojan (RAT) to reroute financial transactions and steal corporate credentials. Two suspected accomplices were also nabbed.

    The trio, aged between 31 and 38, were detained as part of a sting operation involving law enforcement agencies across 11 countries: Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Nigeria, Philippines, Singapore, Thailand, and Vietnam. 

    The suspects were arrested in the Lagos suburb of Ajegunle and in Benin City, Nigeria. At the time of their arrests, all three men were in possession of fake documents, including fraudulent invoices and forged official letters, it is claimed.

    Continue reading
  • FBI, CISA: Don't get caught in Karakurt's extortion web
    Is this gang some sort of Conti side hustle? The answer may be yes

    The Feds have warned organizations about a lesser-known extortion gang Karakurt, which demands ransoms as high as $13 million and, some cybersecurity folks say, may be linked to the notorious Conti crew.

    In a joint advisory [PDF] this week, the FBI, CISA and US Treasury Department outlined technical details about how Karakurt operates, along with actions to take, indicators of compromise, and sample ransom notes. Here's a snippet:

    Continue reading

Biting the hand that feeds IT © 1998–2022