Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Same Shirt, Different Heist (Ukrainians stole $800,000 from ATMs)
americanbanker. ^ | August 2008 | Rebecca Sausner

Posted on 08/16/2008 10:54:33 AM PDT by dennisw

Not exactly criminal masterminds, but the three Ukrainian nationals busted for stealing PINs and debits, creating false cards, and pocketing the cash did have a pretty good run. And reading the legal documents on the case in the U.S. Eastern District Court offers a handful of lessons about ATM fraud and pre-paid card fraud—including the value of rotating your wardrobe.

First, some of the facts in the case: three Ukrainians are charged with using fraudulent debit cards they used to withdraw hundreds of thousands of dollars from Citibank, WaMu and other bank ATMs in New York City. The thefts appear to begin in the fall of 2007, and ended in early 2008 when law enforcement pulled the plug on the ring.

Sometimes, your lucky shirt is not so lucky. On October, 1, 2007, a man later identified as Yuri Ryabinin is caught on surveillance video making 12 ATM withdrawals totalling just under $10k at a WaMu branch in Brooklyn, NY, wearing a tan sweatshirt with a dark blue or black front panel and dark trim at the zipper and collar. Same individual, same clothes, is also seen on other neighborhood bank videos making large withdrawals that night. About five months later, same guy is spotted making more suspect withdrawals at a Citibank branch, wearing the same sweatshirt. Ryabinin was also traced via his ICQ ID number to a Website for ham radio enthusiasts, where there’s a picture of him—taken five years earlier—wearing the same sweatshirt. The thought of Ryabinin wearing the same aged sweatshirt for all his exploits, and being identified thanks in part to its familiarity, is only more amusing when you learn that the FBI seized more than $800k in cash and his paid-for Mercedes when they arrested him and his wife at their Brooklyn home this spring.

ATM servers remain a serious vulnerability. Ryabinin’s enterprise has been traced to a hack that stole card and PIN data as it traveled the connection between ATMs and third party processors. This weakness is widespread, says Jim Stickley of TraceSecurity, noting that his company has uncovered thousands of unpatched ATM processing servers during routine compliance inspections. Says analyst Avivah Litan of Gartner, “I don’t think we can point fingers to any one party here — but we can say the security system in place for ATMs is essentially broken. There have been too many large breaches of PIN ATM/debit cards in the last two to three years to claim the existing security protocols are adequate.”

Finally, $5 million can disappear, overnight. On Oct. 3, 2007, First Bank of St. Louis notified the Secret Service that four iWire prepaid debit MasterCard accounts were compromised and fraudsters around the world—including Ryabinin in his lucky sweatshirt — made some 9,000 withdrawals or attempts netting approximately $5 million in ATM cash, all within a 24-hour period from Sept. 30 to Oct. 1, 2007. (c) 2008 Bank Technology News and SourceMedia, Inc. All Rights Reserved. http://www.banktechnews.com http://www.sourcemedia.com


TOPICS: Crime/Corruption; Culture/Society; News/Current Events
KEYWORDS: atm; banks; idtheft; theft; ukraine

1 posted on 08/16/2008 10:54:33 AM PDT by dennisw
[ Post Reply | Private Reply | View Replies]

To: dennisw

He had his good luck sweatshirt and wore it for every ATM rip off...made him easy to identify


2 posted on 08/16/2008 10:55:43 AM PDT by dennisw (That Muhammad was a charlatan. Islam is a hoax, an imperialistic ideology, disguised as religion.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dennisw

“ATM servers remain a serious vulnerability. Ryabinin’s enterprise has been traced to a hack that stole card and PIN data as it traveled the connection between ATMs and third party processors.”

In other words the banks didn’t have the data encrypted when it left the ATM. Pretty stupid of them.


3 posted on 08/16/2008 10:58:52 AM PDT by driftdiver (No More Obama - The corruption hasn’t changed despite all our hopes.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dennisw
"video making 12 ATM withdrawals totaling just under $10k "

That is about $833 per withdraw. Most banks will let you set a lower limit. I set a limit for $300 per 24 hour period. The weakest link is a store terminal not the banks severs.

4 posted on 08/16/2008 11:15:39 AM PDT by ThomasThomas (Orationem pulchram non habens, scribo ista linea in lingua Latina.***)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dennisw

Yep, screams “lucky shirt” syndrome ‘cept all the luck had been washed out, it would appear.


5 posted on 08/16/2008 11:16:09 AM PDT by NonValueAdded (College kid: "Do you have a minute for Obama?" NVA: "Not now or ever.")
[ Post Reply | Private Reply | To 2 | View Replies]

To: dennisw

Ol’ Crusty?


6 posted on 08/16/2008 11:18:16 AM PDT by null and void (Barack zerObama - International Man of Mystery...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dennisw

7 posted on 08/16/2008 12:40:54 PM PDT by Leisler
[ Post Reply | Private Reply | To 1 | View Replies]

To: Leisler

http://blog.wired.com/27bstroke6/2008/06/citibank-atm-se.html

His lucky sweatshirt.


8 posted on 08/16/2008 1:11:28 PM PDT by dennisw (That Muhammad was a charlatan. Islam is a hoax, an imperialistic ideology, disguised as religion.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Leisler

In April, Miami Beach police busted a ring of Bulgarian nationals who’d allegedly been planting skimmers on area ATMs for two years. The gang installed pin-hole cameras in the ceiling of the ATM to record the PIN numbers. They allegedly used the stolen data to pull more than $160,000 from bank customer accounts in the span of just two weeks last February.

The Secret Service took over the Miami Beach case, and the four defendants were each released on a $100,000 cash and signature bond. Three, including alleged ringleader Nikolai Hristov Arabov, jumped bail and went on the lam last month.
http://blog.wired.com/27bstroke6/crime/index.html


9 posted on 08/16/2008 1:18:51 PM PDT by dennisw (That Muhammad was a charlatan. Islam is a hoax, an imperialistic ideology, disguised as religion.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Leisler
Federal prosecutors in New York have charged 32-year-old Ukrainian immigrant Yuriy Ryabinin, aka Yuriy Rakushchynets, with access device fraud for allegedly using the stolen information to go on a cash-withdrawal spree. Ryabinin, who is allegedly an active member of underground credit card fraud forums, is not charged with the intrusion itself. 

Yeah but just happens to have $800,000 lying around around in his aprtmnat

He and a co-defendant "received over the internet information related to Citibank customers, which information had previously been stolen from Citibank," according to an indictment (.pdf) in the case.

Plenty prison time for that too

10 posted on 08/16/2008 1:19:46 PM PDT by dennisw (That Muhammad was a charlatan. Islam is a hoax, an imperialistic ideology, disguised as religion.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: driftdiver
In other words the banks didn’t have the data encrypted when it left the ATM. Pretty stupid of them.

Encryption can still be broken. In fact with more powerful computers today, it is even easier. Can't assume that it had no encryption. I would bet it had weak encryption.
11 posted on 08/16/2008 1:43:03 PM PDT by LuxMaker (The Constitution is a mere thing of wax in the hands of the judiciary, Thomas J 1819)
[ Post Reply | Private Reply | To 3 | View Replies]

To: LuxMaker

‘Encryption can still be broken”

In other stories it was stated the connections had NO encryption.

“In fact with more powerful computers today, it is even easier.”

A standard encryption (AES 256) is beyond the brute force capabilities of most individuals and would take a significant amount of time.


12 posted on 08/16/2008 1:47:08 PM PDT by driftdiver (No More Obama - The corruption hasn’t changed despite all our hopes.)
[ Post Reply | Private Reply | To 11 | View Replies]

To: driftdiver
In other words the banks didn’t have the data encrypted when it left the ATM. Pretty stupid of them.

You can bet they were warned but heeding the warning would have cost more... or so they thought.

13 posted on 08/16/2008 1:50:02 PM PDT by fso301
[ Post Reply | Private Reply | To 3 | View Replies]

To: fso301

“You can bet they were warned but heeding the warning would have cost more... or so they thought.”

Most of the bigger banks are pretty secure now days. The problem usually lies with one of their vendors who cut costs to keep prices down. Banks are supposed to make sure their vendors comply with security regulations but enforcement is weak and is highly dependent on the vendors honesty.


14 posted on 08/16/2008 1:52:35 PM PDT by driftdiver (No More Obama - The corruption hasn’t changed despite all our hopes.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: dennisw
A lot of first generation immigrants are very thrifty. After all, he's wearing his fleece for the last five years.
15 posted on 08/16/2008 2:25:43 PM PDT by Leisler
[ Post Reply | Private Reply | To 10 | View Replies]

To: driftdiver

Encrypted, but probably ancient DES. Just enough encryption to prevent just anybody from tapping the phone line and copying verbatim, basically. Stops “normal” people but woefully inadequate today with the crooks these days.


16 posted on 08/16/2008 4:33:41 PM PDT by Freedom4US
[ Post Reply | Private Reply | To 3 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson