31-year-old hacker arrested for stealing data from a Polish bank

A news report broadcast and published by Radio Poland confirms that a 31-year-old hacker who ‘stole’ data from the servers of an unnamed bank in Poland has been arrested.

According to police spokesperson Katarzyna Balcer, the hacker, named as Tomasz G. under Polish privacy laws, has received several charges relating to computer fraud and money laundering. He could face up to 10 years' imprisonment.

The investigation has been led by the District Prosecutor's Office in the Praga district of Warsaw.
The ongoing investigation has shown that many hackers collaborated to break into the bank.

"The suspect worked with dozens of individuals and entities. The hackers have led to losses of more than PLN four million. We were able to prevent the theft of another PLN 3.5 million," Balcer added.

It was found that the suspect allegedly went by the online handle ‘Razor4’.

According to a news report published in The Register, in June Polish tech security news website Zaufana Trzecia Strona was contacted by a person using the email address razor4@t.pl, who claimed he had exploited an unspecified vulnerability to access the bank's public-facing servers "for a few weeks."

During that time, the hacker was able to snatch credit card data, steal bank account information, make unauthorized transactions, and access personally identifiable information belonging to the bank's customers, including account histories.

The person claimed that he stole 1m PLN; however, the bank apparently did not notice for several weeks.

Later, Zaufana Trzecia Strona (ZTS), a security firm, notified the bank about the data breach. After informing the bank, ZTS received an anonymous threat suggesting that a "contract could be taken out on the author of the article if it were published."

The bank responded only in February, when Razor4 had stolen 180,000 PLN in a single transaction. Only after that did the bank warn its customers to be aware of cash-stealing malware on their PCs.
The news report said Razor4 demanded a ransom from the bank in exchange for not publishing the data he had stolen, and added JavaScript code to the bank's web pages that redirected customer transactions through his own systems. He modified the account numbers so they would match those of accounts under his control.

According to ZTS’s article, Razor4 registered a web domain name that differed by one letter from the bank's domain name, and assigned the lookalike domain name to his own servers, through which transactions were redirected.
