Feeds

Queen of WorldPay cash-machine scam sent down for 2.5 years

Hi-tech Fagin herded money mules

Reducing security risks from open source software

A Nigerian woman has been jailed for two-and-a-half years in the US after she was found responsible for playing a key role in the infamous $9m WorldPay payment card scam back in 2008.

Sonya Martin, 45, was convicted of managing a team of Chicago money mules who withdrew money from cash cards that had been loaded with looted funds. Cybercrooks had topped-up the payroll debit cards by breaking the encryption used to protect their sensitive financial data. Such cards are used by some firms to pay workers.

Hackers used compromised access to WorldPay's systems to raise the account balance and withdrawal limits on targeted accounts before forging 44 payment cards associated with these compromised accounts. Funds were then withdrawn from these accounts in an overnight cash-out operation involving 2,100 ATMs in at least 280 cities in the US, Russia, Estonia, Italy, Hong Kong, Japan, and Canada in a coordinated operation on 8 November 2008, the FBI said.

The gang monitored the progress of the cash-out operation in real-time using WorldPay's own computer systems before attempting (unsuccessfully) to erase their tracks. Infamous hacker Albert Gonzalez masterminded the whole scam as well as other credit card megabucks against TJ Maxx, Heartland Payments Systems and others. Gonzalez was jailed for 20 years in the spring of 2010.

The FBI said Martin managed a cash-out crew in Chicago that used counterfeit debit cards to fraudulently withdraw approximately $80,000 from various Chicago ATMs. She was arrested in March last year when she attempted to board a flight from New York to London. Martin will have to serve five years on probation after her release, as well as paying back $89,000 in restitution for her crimes.

An FBI statement on Martin's sentencing can be found here. ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
L33t haxxors compete to p0wn popular home routers
EFF-endorsed SOHOpelessly Broken challenge will air routers' dirty zero day laundry
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.