Malaysian charged with hacking Federal Reserve, others
IDG News Service - A Malaysian man has been charged with hacking into major U.S. corporations, including the U.S. Federal Reserve Bank of Cleveland and FedComp, a company that processes financial transactions for credit unions.
Lin Mun Poo, 32, was arrested on Oct. 21, just hours after flying into New York and selling $1,000 worth of stolen credit card numbers at a Brooklyn diner, prosecutors said. After inspecting his laptop, U.S. Secret Service investigators found more than "400,000 stolen credit and debit card account numbers allegedly obtained by hacking into various computer systems of other financial institutions," the Secret Service said in a news release.
Poo, who's been in custody since his arrest last month, was indicted Thursday on hacking, fraud and identity theft charges by a federal grand jury in U.S. District Court for the Eastern District of New York, in Brooklyn. The Secret Service says he was in the business of hacking into companies' networks and selling the sensitive information he uncovered.
After being arrested, Poo told investigators that he had flown to the U.S. to meet with an unidentified person who claimed he could regularly provide him with a lot of stolen card numbers, prosecutors said in court fillings. He allegedly wanted to use the numbers to withdraw cash from automated teller machines.
His alleged hacking activities were widespread. Prosecutors say he hacked into the Federal Reserve Bank of Cleveland's network in June of this year, and compromised at least 10 computers there.
He also allegedly hacked into the FedComp system and accessed data belonging to many victims, including the Firemen's Association of the State of New York Federal Credit Union and the Mercer County New Jersey Teachers' Federal Credit Union.
"The defendant also admitted to compromising the computer networks of several major international banks and companies, and admitted earning money by finding and exploiting network vulnerabilities or trading and selling the information," the U.S. Department of Justice said in a Thursday court filing arguing that Poo is a flight risk and should not be granted bail.
In August, he hacked into a "major Department of Defense contractor, which provided systems management for military transport and other highly sensitive military operations," prosecutors said.
Neither the Cleveland Fed nor FedComp immediately responded to messages seeking comment on the case. Poo's attorney, Kannan Sundaram, could not immediately be reached for comment.
This pilot fish is a contractor at a military base, working on some very cool fire-control systems for tanks. But when he spots something obviously wrong during a live-fire test, he can't get the firing-range commander's attention.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Reduce federal infrastructure risk with compliance management and situational awareness
- IBM continuous monitoring and management solutions deliver real-time situational awareness to help federal agencies understand vulnerabilities, and protect the infrastructure.
- Mission Critical: Managing Mobile Applications & Content
- Smartphones, tablets and other mobile devices have become embedded in enterprise processes, thanks to the consumerization of IT and a new generation of...
- Securing Mobility, From Device to Network
- At one time, the process of managing and securing mobile devices and applications was fairly straightforward. Most organizations worried about one application (email)...
- Planning for Mobile Success
- Many organizations are seeing clear and quantifiable benefits from the deployment of mobile technologies that provide access to data and applications any time,...
- The Challenges and Opportunities of Mobile Application Development
- Nearly all business users now demand mobile devices--their own or company-owned--along with anywhere access to corporate applications and data. What turns mobile devices... All Government IT White Papers
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their...
- DevOps with PureApplication System: Reduce cost and speed delivery with an integrated IBM Cloud solution Join this webcast to hear what ING Netherlands has been able to achieve while deploying DevOps tools from IBM Rational. An ING executive...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope...
- All Government IT Webcasts