Monday, August 18, 2008

How to hack a Bank part 1?

This is going to be a very sensitive topic for the Banking industry, however I am not going to post any exploits or vulnerabilities of how to hack a bank, instead a high level overview of how to gain money from a bank. I am not going to write a long article on this as the story might go on and on.

Several months back, i was performing a penetration test for a large bank here. Although it was only a web penetration test, i was already starting to observe the banking environment, the technology used, the physical environment, their partners, ATM etc, to see if loopholes can discovered. Everyday at the bank, i made new friends and started talking to them to learn more about the banking environment and the job nature. At the end of the penetration test, I was thinking to publish an article of how to hack a bank, however, its either i am too lazy to do so or i can't be bothered. Today, I just feel like writing an article on it, just a sudden urge to do so.

In early days, the banking environment used to be a simple and closed environment whereby the only way to hack the bank is to rob the bank. There were no ATMs, no internet banking, no huge and complicated networks. To withdraw any money, the only way is to go to the bank's branch and fill up the withdraw form and provide your bank account passbook for updating purposes and the money is given to you. Mainframe is the backend system that does all the processing of the transactions, i think until this very day, it still prevails. Today, we are more advanced. We have internet banking without the need of any passbooks, we have ATMs, Credit and Debit cards, complex networks to interconnect multiple systems together, we have cash deposit machines, huge variations of databases and partners that might house the bank's data/information. So you see, it used to be maybe one or two doors opened. Today however, many possibilities are possible because of multiple doors being opened. We still have not factored in the physical site and environment. You might be surprise that this is one of the most easiest way to enter the bank.

A lot of people might think that hacking the bank is a tough job due to its tight security and controls, but you might be surprise that sometimes the weakest link is actually the easiest link. Stay tuned for part 2.

Disclaimer: The materials and information here are solely for educational purpose only. Do not attempt to hack a bank with knowledge acquired. Do not try at any bank.

The Hacka Man

19 comments:

Anonymous said...

Enjoyed your introduction on how to hack a bank, When is part two

Anonymous said...

Thank you for the discovery and hope you know I am under the MSN: mstsc@example.com

Anonymous said...

Hey!Nice to meet you!visit my blog
http://learning-ccna.blogspot.com/

Anonymous said...

The best of website for lean ccna
learn-ccna.com

Anonymous said...

The best of website for lean ccna
learn-ccna.com

Anonymous said...

The best of website 4 test ccna
http://www.learn-ccna.com
http://www.learn-ccna.com
http://www.learn-ccna.com
http://www.learn-ccna.com

Anonymous said...

starboard http://cciworldwide.org/members/Area-Rugs.aspx facade http://cciworldwide.org/members/Omeprazole.aspx chemnitz http://cciworldwide.org/members/Vacuum-Cleaners.aspx pressharper http://cciworldwide.org/members/Annuity-Calculator.aspx bowe http://cciworldwide.org/members/Bariatric-Surgery.aspx tilley http://cciworldwide.org/members/Electric-Blankets.aspx slimane http://gotuc.net/members/Furnace-Filters/default.aspx cobb http://gotuc.net/members/Vending-Machines/default.aspx successor http://gotuc.net/members/Kitchen-Cabinets/default.aspx methodism http://gotuc.net/members/Slipcovers/default.aspx beetle http://gotuc.net/members/Polar-Heart-Rate-Monitors/default.aspx hausman http://gotuc.net/members/Popcorn-Machines/default.aspx scolytus

AndReWk said...

How to hack a bank? Get into the software developer group of the bank...

And what bank was it where u did the pentest? I doubt it was BOA, rather some small crap. In europe there are banks where teh sekurity is a complete joke, they keep writing shit about servers on lil paper pieces all around the place.

But in the meantime the truth is that you are a damn fool idiot if u hacking the bank with a well paying coder job which probably will last for life.

Dora said...

Lol. I just came across this article and was wondering when part 2 was. I looked and couldn't find it, but am interested.

Anonymous said...

Right heгe is the right webpagе for anyone who wаnts to underѕtanԁ this topic.
You гealіze sο much its almost tough to argue with you (not that I really ωill neeԁ to…ΗaHa).
Υou cеrtainly put а new ѕpіn on
a subject that haѕ been discuѕsed for ages.
Εxcellent stuff, ϳust ωοnderful!


Also visit my sitе abrir cuenta facebook

Anonymous said...

Ι cоnѕtantly ѕpent my
half аn hour to read thiѕ ωeblog's posts every day along with a cup of coffee.

my web blog ... crear facebook gratis

Anonymous said...

Wow, fantastic blog lаyout! How long have you
beеn blogging for? уou make bloggіng lοok easy.

Thе ovеrall looκ οf
уour site is fantastic, let alone the cοntent!


Visit my homepаge :: matrixshafts.Com

Anonymous said...

Goοԁ ԁay! This post сouldn't be written any better! Reading this post reminds me of my old room mate! He always kept talking about this. I will forward this post to him. Fairly certain he will have a good read. Many thanks for sharing!

Feel free to surf to my web page; facebook cuenta gratis

Model Baju Kebaya Modern 2015 said...

I’m really enjoying the design and layout of your blog. It’s a very easy on the eyes which makes it much more enjoyable for me to come here and visit more often. Did you hire out a developer to create your theme? Superb work!

Parfum said...

Nice blog!!
Cotton Bud
GPS Tracker
Aksesoris Mobil
Toko Bunga

Reverse Osmosis said...

My father really like the concept of designing and fiber glass.Thanks for sharing this wonderful article with us.

Whole House Reverse Osmosis System

Unknown said...

i was once living on the street where by things were so hard for me, even to pay off my bills was very difficult for me i have to park off my apartment and start sleeping on the street of Vegas. i tried all i could do to secure a job but all went in vain because i was from the black side of America. so i decided to browse through on my phone for jobs online where i got an advert on Hackers advertising a Blank ATM card which can be used to hack any ATM Machine all over the world, i never thought this could be real because most advert on the internet are based on fraud, so i decided to give this a try and look where it will lead me to if it can change my life for good. i contacted this hackers and they told me they are from Australia and also they have branch all over the world in which they use in developing there ATM CARDS, this men who were geeks and also experts at ATM repairs, programming and execution who taught me various tips and tricks about breaking into an ATM Machine with a Blank ATM card.i applied for the Blank ATM card and it was delivered to me within 3 days and i did as i was told to and today my life has changed. there is no ATM MACHINES this BLANK ATM CARD CANNOT penetrate into, because it has been programmed with various tools and software before it will be send to you. i know this is illegal but also a smart way of living Big because the government cannot help us so we have to help our self. if you also want this BLANK ATM CARD you can contact these Hackers at
email: skylinktechnes@yahoo.com whatsapp: +1(213)328-0248

Alex Warn said...

There were no ATMs, no internet New Trends banking, no huge and complicated networks.

Anonymous said...

App is one of the best pregnancy apps. There is a lot of pregnancy tracker app that can make yourself comfortable in this crucial time period of Pregnancy. Experience the Bliss of Motherhood Using Baby Pregnancy Tracker App. There are many benefits to having the best pregnancy tracker app. The pregnancy tracker app is one of them. We have successfully served many applications.