http://times.hankooki.com/lpage/200411/kt2004112315444353460.htm By Chung Ah-young Staff Reporter 11-23-2004 The state prosecution on Tuesday indicted two computer hackers and one of their accomplices on charges of stealing cyber money worth 16.4 billion won ($15.3 million) by infiltrating one of the largest online game firms. The Seoul Central District Public ProsecutorsB!B/ Office said the suspects pocketed the largest amount of cyber money ever obtained in hacking crimes. Investigators said the suspects allegedly broke into the online game site to steal cyber cash, which can be exchanged for real money, and sold it to cyber brokers on Sept. 24-27. Prosecutors said that suspects plotted the crime beforehand through closely reviewing the companyB!B/s electronic payment system and conducted practice runs beforehand. They found that the Web site run by the major game company has a loophole that enabled them to manipulate file contents. Before committing the crime, the suspects did a mock hacking via the service and stole cyber cash worth 27 million won in March and June. Prosecutors said they connected to the companyB!B/s information network system 227 times during the Chusok holiday in September. They illegally charged mileage points worth 164.7 billion won through 152 identification numbers that they set up beforehand. The suspects then allegedly traded stolen cyber cash at 750 million won to a broker, identified as Kim, who also raked in a total of 168 million won by selling it to other brokers through e-mails or identification numbers. Prosecutors said the companyB!B/s damages have been minimized because it immediately shut down the use of the identification numbers right after the crime occurred. However, prosecutors did not exclude the possibility that more damages are expected because game mileage is vulnerable to illegal trading and is circulated through the black market between cyber traders. The amount of cyber money they stole, estimated at mileage points worth 164.7 billion won, is equivalent to the amount only after users have spent 16.4 billion won in buying items or using services the company provides. _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/ - --- end forwarded text - -- - ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' -----BEGIN PGP SIGNATURE----- Version: 1308 iQA/AwUBQaNZbMPxH8jf3ohaEQKEMgCg6TxKkxhn/8P1WfjGq3+wD8olfP0AnRcQ G0KREwbqVESINy5ooxPQsctk =6IT1 -----END PGP SIGNATURE-----