In association with heise online

31 October 2012, 16:44

Ocean's 14 - high-speed bank fraud at casinos

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

ATM Casino Criminals have used a bit of trickery to rob $1 million from Citibank. The criminals found out that they could withdraw many times the deposited amount in a bank account if they operate in parallel and within a very narrow time window.

To exploit the vulnerability, the robbers had to be very precise and withdraw identical sums within 60 seconds. In this time window, Citibank didn't detect that the withdrawn amounts were many times higher than the available balance. This was possible due to a flaw in Citibank's security protocol for electronic transactions. According to a report from The Press-Enterprise, the vulnerability has now been closed.

Apart from group leader Ara Keshishyan, 13 other individuals were involved in the bank fraud. Keshishyan opened accounts with an initial deposit of around $10,000 that were subsequently raided via special cash machines in at least eleven different casinos in the US States of California and Nevada. To avoid US federal reporting requirements for financial transactions, the criminals never withdrew more than $10,000. They spent the money where they stole it, using it to gamble and sometimes even enjoying free accommodation in the casinos due to their "high roller" status.

The FBI says that each of the 14 criminals is now facing up to five years in prison and a $250,000 fine. Things could get a little more uncomfortable for gang leader Ara Keshishyan: he has been accused of 14 cases of bank fraud, and each of these accusations is potentially punishable with up to 30 years imprisonment and a $1 million fine.

FBI agent Daphne Hearn explained: "While advancements in technology have created a world of accessibility to users and a convenience for consumers, they have also left room for criminals to exploit even the smallest of loopholes."


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit