'

Leaves and Sumitomo

Brian Krebs over at the Washington Post did a little investigative journalism to try and uncover what happened to the author of the Leaves worm from five years ago.  Brian points out that Leaves was an early harbinger of malware being used to generate click fraud.

Brian Krebs over at the Washington Post did a little investigative journalism to try and uncover what happened to the author of the Leaves worm from five years ago.  Brian points out that Leaves was an early harbinger of malware being used to generate click fraud. When he dug in to it he found out that the writer of Leaves, who had been apprehended after a worldwide cyber man hunt, had never been charged.  This brings to mind the Sumitomo Mitsui Bank Heist of last year.  Maybe my Google alerts are not tuned well enough but apparently there have been no charges filed in that case either.

Brief recap:  A gang of cyber bank robbers sneak into the London branch of Sumitomo Mitsui Bank and install hardware keystroke loggers on machines that allow them to gain access to the wire transfer mechanism of the bank. They proceed to transfer over $400 million to various banks around the world. The UK police apparently arrested a bank guard in this case. They also picked up two people in Israel; one Yaron Bolandi, was released on his own recognizance never to be heard from again, the other Aharon Abu Hamra released the same day and was apparently gunned down on the streets of Holon several months later.

So what has happened to this case? I am beginning to sound like a broken record (how long is that simile going to be relevant?) but when are the authorities going to make public the details of the Sumitomo case?  Banks should be taking protective measures against this type of attack. They never will unless there is a public disclosure of what happened at Sumitomo.