Burglary to Plus the Bank stolen confidential information and one million gold

There is a saying that the first million you need to steal-something like this is and especially takes on a meaning after recent events, that were launched a few months ago.
How to inform the site Trusted third party-one of the biggest in Poland, security services, two months ago began working with a Bank, which servers as a result of insufficient security have been victims of burglary. Blacklisted.pl been stolen user confidential information of more than 150 000 customers, including email addresses, credit card numbers with CVV codes and uszczuplono the majority of bank accounts for a total amount of almost one million dollars.

Robbed account one of the companies

From Monday and yesterday's article, which is stated on the website Z3S.pl we learn that the perpetrator of the theft bank servers Plus Polsilver Bank was also known as Razor4 -Polish forum ToRepublic (forum is available in the TOR network), which through the Editorial Board of the ZS3.pl and the Niebezpiecznik.pl wanted to get along with the Bank. And here's his request-cit. original:

At this point the public presents the most recent proposals for a settlement for the Bank.

Please to media indicate his members from my description of the uwzglednily this in their articles. If the bank does not want all the information that I have been published must pay the corresponding amount.  It is equal to 200.000 USD at a one-time payment, or £ 400.000 in the case of payment in installments (10 x 40 thousand, every month). The second option gives you confidence that none of the data will not be published before the course of those 10 months because it will not be cost effective.

After paying that amount no information for the Bank will not be already published, and the clients will remain secure. This amount includes the information yet how I managed to get access to the Bank in August systems its ability and that people have been injured.

In General, the bank will get all the necessary information that will allow zalagodzic the current sytulacje, not narazajac on loss of image-data will not be made public, will not be a scandal, the public finds probably sciemnialem and no wlamania was not.

The proposed price is very low, taking into account the amount of data. This is less than 2.5 PLN from each client korzystajacego with electronic banking when requested by your.  If the bank does not pay, it will be in effect from financial data, data on the amount of the contract, each client are worth for the Bank less than these 2.5 zl.

I am convinced that greater punishment the bank gets from the INSPECTOR GENERAL in the case of publication of data than is given by me. Considering the amount of personal data, and that the fault for their ninależyte security lies with the Bank, this is quite likely.

The perpetrator of the incident Friday, IE. June 10, waiting for payment from the Bank in the amount of 200 000 dollars or 400 000 in 10 instalments. Otherwise publish compromising information bank and stolen customer data. Who will suffer the most? Bank or its customers? The answer is very simple.

Sorry, but this story is not yet over. How to show some of the events of the past, the work of an editor is not always comfortable and safe. If you are interested in politics probably know the character Peter nationalist views made. Well, as a result of the publication of a series of evidence, which pointed to links to the former President Bronislaw Komorowski of the Military Information Services, Peter Sumliński had because of this huge problems-to put it mildly. Interested please refer to the video-reportage on the subject.

Author of hacking the Bank also had for this reason some troubles:

A week ago, to 5 hours before the scheduled publication of the article (previously repeatedly at the request of the Bank przekładaną) we received the call to refrain from violations of personal rights with the following paragraph:

[...] I call to withdraw from the unlawful dissemination of information concerning the effects of hacker attack attempts on the electronic system of the Bank and applied in this connection by the bank security measures [...]. This information is based on unreliable sources and do not take into account the position of the Bank in this case. The prevalence of such information will be the activity explicitly and obviously unlawful, affecting the personal (the reputation of) the Bank and leading to the creation of the Bank-side difficult to powetowania the damage.

In turn, on Friday around 11 am from IP address [X. X. X. X] through the contact form to the Z3S.pl has arrived:

Hello edelstahlsonne, I will start from this that I have with us on pienku, so think twice if you want to publish an article about the wlamaniu to [Bank name], 20 k is not a lot, and the head flies, you want to in the end doigrac?

I cordially greet

The Editors Of The Trusted Third Party:

That we plan to release article, knew only narrow, trusted circle of collaborators, the burglar and the bank. We do not know who was the sender of the message

The details of this story are (for now) in the two-part article on Z3S.pl

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.