API tools faq
paste
BinLaden

CoBank and CitiBank - #Failsec

BinLaden
Jun 21st, 2012
759
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.57 KB | None | 0 0
raw download clone embed print report
  1. // c0mrade
  2. // 6-17-12
  3. // Twitter.com/officialcomrade
  4.  
  5. Hello, my minions. Let me start off by answering some questions.
  6.  
  7. Q. Do you support Jester?
  8. A. Yes. I do not support the dilettante that follows him around though. They're trying to act as some corporate spies. It's funny. Jester has that part of the scene on lock. Don't even try mining it, please.
  9.  
  10. Q. Why is your nick, "c0mrade?"
  11. A. I'm paying homage to Jonathan James. If you look at that as a dishonorable approach, you're ignorant.
  12.  
  13. Moreover, I have internal access to three or so banks. Amongst those affected include:
  14.  
  15. [+] Citibank
  16. [+] CoBank
  17.  
  18. [+] CoBank:
  19.  
  20. I've roughly had access to CoBank for over a year now. I was just waiting for the golden moment. I knew that over the years more systems would be copulated. I decided I'd just wait till more data got en route. If I were to post this last week, Bank Information would be spilled and spread all over the Internet internationally. I didn't though, I'm doing the right thing. My job is simple, I fill out a report for you guys to read, and I pass it onto the ones vulnerable.
  21.  
  22. Keep in mind, I did this when I was the bad guy!
  23.  
  24. ----------
  25. MX Records:
  26. ----------
  27. NS sdnpdnse2.cobank.com 199.197.25.20 sdnpdnse2.cobank.com
  28. NS schrdnse1.cobank.com 199.120.173.3 schrdnse1.cobank.com
  29. NS sdnpdnse1.cobank.com 199.197.25.19 sdnpdnse1.cobank.com
  30. ----------
  31. Mail Exchange:
  32. ----------
  33. => mailbox.cobank.com 199.197.25.18
  34. => relay.cobank.com 199.197.25.17
  35. -----------
  36. Logins:
  37. -----------
  38. karthik.b512@gmail.com:cobank:9492966714
  39. Surya@gmail.com:N'Account:9490348032
  40. -----------
  41.  
  42. Access to affiliated Banking Software >> Uplink >> Update >> FTP info >> FTP User: Admin - FTP Pass: 123456 >> Access to key systems CoBank was using.
  43.  
  44. I setup some Malware to play with sometime go. I'm sure you'll get a laugh out of this:
  45.  
  46. http://leakster.net/external/Data.txt
  47.  
  48. Stupid dev, huh? I removed everything that could be used to harm the safety of customers. I've got access to internal and external systems. I plan on calling CoBank sometime next morning to resolve the Security issue.
  49.  
  50. [+] Citibank
  51.  
  52. Basically, deja-vu.
  53.  
  54. Access to affiliated Banking Software >> Uplink >> Update >> FTP info >> Access to key systems Citibank was using. I didn't have much time to play with this, I did have some Malware running though. I got thousands of logins from it. I grave-digged some logs for you guys:
  55.  
  56. 0001 0003 006 000 3G 008 3G TECHNOLOGIES 3G TECHNOLOGIES A 1/1/2008 22-12-1428 006 060005 203010100001 000076 QASIM U 7/23/2008 4:05:29 PM
  57. 0001 0003 006 000 ABDULLH 008 Abdullha Fuad Holding Co. Abdullha Fuad Holding Co. A 1/1/2008 22-12-1428 006 060013 203010100001 000086 BCS N 11/5/2008 11:08:29 AM
  58. 0001 0003 006 000 ACP 008 Arabin Computer Projects Co Ltd Arabin Computer Projects Co Ltd A 1/1/2008 22-12-1428 006 060005 203010100001 000080 QASIM U 7/23/2008 4:05:19 PM
  59. 0001 0003 006 000 ACS 008 Access Control - Added by Injazat Access Control - Added by Injazat S 1/1/2008 22-12-1428 006 060001 203010100001 000067 QASIM U 7/23/2008 4:05:35 PM
  60. 0001 0003 006 000 ADAPTIV 010 Adaptive Measuring & Control LLC Adaptive Measuring & Control LLC A 1/1/2008 22-12-1428 006 060005 203010100001 000082 QASIM U 7/26/2008 10:58:34 AM
  61. 0001 0003 006 000 AFLAK 008 AFLAK ELectronic Industries Co. ÃÝáÇß ááÕäÇÚÇÊ ÇáÇáßÊÑæäíÉ A 8/2/2010 21-08-1431 006 060001 203010100001 000098 HAMID N 8/2/2010 4:41:41 PM
  62. 0001 0003 006 000 AFT 008 ADVANCED FIREFIGHTING TECHNOLOGY GMBH ADVANCED FIREFIGHTING TECHNOLOGY GMBH 0 0 A 1/1/2008 22-12-1428 AFT 006 203010100001 000001 BCS N 1/27/2008 8:39:04 PM
  63. 0001 0003 006 000 AFTDUBAI 008 HITECH FZE HITECH FZE 0 0 S 1/1/2008 22-12-1428 AFTDUBAI 006 060002 203010100001 000002 BCS U 3/19/2008 6:06:16 PM
  64. 0001 0003 006 000 ALBAES 008 Alia Banajah Est. 2 The Point Alia Banajah Est. 2 The Point 0 0 S 1/1/2008 22-12-1428 ALBAES 006 060005 203010100001 000003 QASIM U 4/15/2008 4:18:01 PM
  65. 0001 0003 006 000 ALIAN 008 Alian International Corp. Alian International Corp. 0 0 A 1/1/2008 22-12-1428 ALIAN 006 203010100001 000004 BCS N 1/27/2008 8:39:04 PM
  66. 0001 0003 006 000 ALMANS 008 AL MANAMAH SERVICES AL MANAMAH SERVICES 0 0 S 1/1/2008 22-12-1428 ALMANS 006 060005 203010100001 000005 QASIM U 4/15/2008 4:19:04 PM
  67.  
  68. The Malware has been affective since '08.
  69.  
  70. // c0mrade
  71. // Twitter.com/officialcomrade
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!