Jun 19, 2012

CoBank & CitiBank - Internal Access - Hacked!

// c0mrade
    // 6-17-12
    // Twitter.com/officialcomrade
    
    Hello, my minions. Let me start off by answering some questions.
    
    Q. Do you support Jester?
    A. Yes. I do not support the dilettante that follows him around though. They're trying to act as some corporate spies. It's funny. Jester has that part of the scene on lock. Don't even try mining it, please.
    
    Q. Why is your nick, "c0mrade?"
    A. I'm paying homage to Jonathan James. If you look at that as a dishonorable approach, you're ignorant.
    
    Moreover, I have internal access to three or so banks. Amongst those affected include:
    
    [+] Citibank
    [+] CoBank
    
    [+] CoBank:
    
    I've roughly had access to CoBank for over a year now. I was just waiting for the golden moment. I knew that over the years more systems would be copulated. I decided I'd just wait till more data got en route. If I were to post this last week, Bank Information would be spilled and spread all over the Internet internationally. I didn't though, I'm doing the right thing. My job is simple, I fill out a report for you guys to read, and I pass it onto the ones vulnerable.
    
    Keep in mind, I did this when I was the bad guy!
    
    ----------
    MX Records:
    ----------
    NS      sdnpdnse2.cobank.com    199.197.25.20   sdnpdnse2.cobank.com
    NS      schrdnse1.cobank.com    199.120.173.3   schrdnse1.cobank.com
    NS      sdnpdnse1.cobank.com    199.197.25.19   sdnpdnse1.cobank.com
    ----------
    Mail Exchange:
    ----------
    => mailbox.cobank.com   199.197.25.18
    => relay.cobank.com     199.197.25.17
    -----------
    Logins:
    -----------
    karthik.b512@gmail.com:cobank:9492966714
    Surya@gmail.com:N'Account:9490348032
    -----------
    
    Access to affiliated Banking Software >> Uplink >> Update >> FTP info >> FTP User: Admin - FTP Pass: 123456 >> Access to key systems CoBank was using.
    
    I setup some Malware to play with sometime go. I'm sure you'll get a laugh out of this:
    
    http://leakster.net/external/Data.txt
    
    Stupid dev, huh? I removed everything that could be used to harm the safety of customers. I've got access to internal and external systems. I plan on calling CoBank sometime next morning to resolve the Security issue.
    
    [+] Citibank
    
    Basically, deja-vu.
    
    Access to affiliated Banking Software >> Uplink >> Update >> FTP info >> Access to key systems Citibank was using. I didn't have much time to play with this, I did have some Malware running though. I got thousands of logins from it. I grave-digged some logs for you guys:
    
    0001    0003    006     000     3G      008     3G TECHNOLOGIES 3G TECHNOLOGIES                 A       1/1/2008        22-12-1428              006     060005          203010100001    000076  QASIM   U       7/23/2008 4:05:29 PM                  
            0001    0003    006     000     ABDULLH 008     Abdullha Fuad Holding Co.       Abdullha Fuad Holding Co.                       A       1/1/2008        22-12-1428              006     060013          203010100001    000086  BCS     N       11/5/2008 11:08:29 AM                 
            0001    0003    006     000     ACP     008     Arabin Computer Projects Co Ltd Arabin Computer Projects Co Ltd                 A       1/1/2008        22-12-1428              006     060005          203010100001    000080  QASIM   U       7/23/2008 4:05:19 PM                  
            0001    0003    006     000     ACS     008     Access Control - Added by Injazat       Access Control - Added by Injazat                       S       1/1/2008        22-12-1428              006     060001          203010100001    000067  QASIM   U       7/23/2008 4:05:35 PM                                  
            0001    0003    006     000     ADAPTIV 010     Adaptive Measuring & Control LLC        Adaptive Measuring & Control LLC                        A       1/1/2008        22-12-1428              006     060005          203010100001    000082  QASIM   U       7/26/2008 10:58:34 AM                 
            0001    0003    006     000     AFLAK   008     AFLAK ELectronic Industries Co. ÃÝáÇß ááÕäÇÚÇÊ ÇáÇáßÊÑæäíÉ                      A       8/2/2010        21-08-1431              006     060001          203010100001    000098  HAMID   N       8/2/2010 4:41:41 PM                   
            0001    0003    006     000     AFT     008     ADVANCED FIREFIGHTING TECHNOLOGY GMBH   ADVANCED FIREFIGHTING TECHNOLOGY GMBH   0       0       A       1/1/2008        22-12-1428      AFT     006                     203010100001    000001  BCS     N       1/27/2008 8:39:04 PM                                  
            0001    0003    006     000     AFTDUBAI        008     HITECH FZE      HITECH FZE      0       0       S       1/1/2008        22-12-1428      AFTDUBAI        006     060002          203010100001    000002  BCS     U       3/19/2008 6:06:16 PM                                  
            0001    0003    006     000     ALBAES  008     Alia Banajah Est. 2 The Point   Alia Banajah Est. 2 The Point   0       0       S       1/1/2008        22-12-1428      ALBAES  006     060005          203010100001    000003  QASIM   U       4/15/2008 4:18:01 PM                                  
            0001    0003    006     000     ALIAN   008     Alian International Corp.       Alian International Corp.       0       0       A       1/1/2008        22-12-1428      ALIAN   006                     203010100001    000004  BCS     N       1/27/2008 8:39:04 PM                                  
            0001    0003    006     000     ALMANS  008     AL MANAMAH SERVICES     AL MANAMAH SERVICES     0       0       S       1/1/2008        22-12-1428      ALMANS  006     060005          203010100001    000005  QASIM   U       4/15/2008 4:19:04 PM                                  
    
    The Malware has been affective since '08.
    
    // c0mrade
    // Twitter.com/officialcomrade
 


Source: http://pastebin.com/q5UNiK4B

If you like my blog, Please Donate Me

No comments:

 

Sponsors

lusovps.com

Blogroll

About

 Please subscribe my blog.

 Old Subscribe

Share |