[ISN] Hackers Pocket W16 Billion in Cyber Cash

[InfoSec News]

http://times.hankooki.com/lpage/200411/kt2004112315444353460.htm

By Chung Ah-young
Staff Reporter
11-23-2004

The state prosecution on Tuesday indicted two computer hackers and one
of their accomplices on charges of stealing cyber money worth 16.4
billion won ($15.3 million) by infiltrating one of the largest online
game firms.

The Seoul Central District Public ProsecutorsB!B/ Office said the
suspects pocketed the largest amount of cyber money ever obtained in
hacking crimes.

Investigators said the suspects allegedly broke into the online game
site to steal cyber cash, which can be exchanged for real money, and
sold it to cyber brokers on Sept. 24-27.

Prosecutors said that suspects plotted the crime beforehand through
closely reviewing the companyB!B/s electronic payment system and
conducted practice runs beforehand.

They found that the Web site run by the major game company has a
loophole that enabled them to manipulate file contents.

Before committing the crime, the suspects did a mock hacking via the
service and stole cyber cash worth 27 million won in March and June.

Prosecutors said they connected to the companyB!B/s information network
system 227 times during the Chusok holiday in September.

They illegally charged mileage points worth 164.7 billion won through
152 identification numbers that they set up beforehand.

The suspects then allegedly traded stolen cyber cash at 750 million
won to a broker, identified as Kim, who also raked in a total of 168
million won by selling it to other brokers through e-mails or
identification numbers.

Prosecutors said the companyB!B/s damages have been minimized because it
immediately shut down the use of the identification numbers right
after the crime occurred.

However, prosecutors did not exclude the possibility that more damages
are expected because game mileage is vulnerable to illegal trading and
is circulated through the black market between cyber traders.

The amount of cyber money they stole, estimated at mileage points
worth 164.7 billion won, is equivalent to the amount only after users
have spent 16.4 billion won in buying items or using services the
company provides.



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable -
http://www.osvdb.org/

- --- end forwarded text


- --
- -----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-----BEGIN PGP SIGNATURE-----
Version: 1308

iQA/AwUBQaNZbMPxH8jf3ohaEQKEMgCg6TxKkxhn/8P1WfjGq3+wD8olfP0AnRcQ
G0KREwbqVESINy5ooxPQsctk
=6IT1
-----END PGP SIGNATURE-----