A Byte Out of Financial Fraud History: $10 Million Hack, 1994-Style

A Byte Out of Financial Fraud History: $10 Million Hack, 1994-Style

 Two decades ago, a group of enterprising criminals on multiple continents – led by a young computer programmer in St. Petersburg, Russia – hacked into the electronic systems of a major U.S. bank and secretly started stealing money. No mask, no note, no gun – this was bank robbery for the technological age.

In July 1994, several corporate bank customers discovered that a total of $400,000 was missing from their accounts. Hackers had apparently targeted the institution’s cash management computer system, which allowed corporate clients to move funds from their own accounts into other banks around the world. The criminals gained access by exploiting the telecommunications network and compromising valid user IDs and passwords.

The FBI eventually identified approximately 40 illegal transactions from late June through October, mostly going to overseas bank accounts and ultimately adding up to more than $10 million. Meanwhile, the bank was able to get the overseas accounts frozen so no additional money could be withdrawn.

The only location where money was actually transferred within the U.S. was San Francisco. Investigators pinpointed the bank accounts there and identified the owners as a Russian couple who had previously lived in the country. When the wife flew into San Francisco and attempted to withdraw funds from one of the accounts, the FBI arrested her and, soon after, her husband. Both cooperated in the investigation, telling the FBI that the hacking operation was based inside a St. Petersburg computer firm and that they were working for a Russian named Vladimir Levin.

US and Russian authorities gathered evidence against Levin, including proof that he was accessing the bank’s computer from his own laptop. The US, working with other law enforcement partners, arrested two co-conspirators attempting to withdraw cash from overseas accounts; both were Russian nationals who had been recruited as couriers and paid to take the stolen funds that had been transferred to their personal accounts.

In March 1995, Levin was lured to London, where he was arrested and later extradited back to the United States. He pleaded guilty in January 1998.

Believed to be the first online bank robbery, the virtual theft was a wakeup call for the financial industry. The victim bank put corrective measures in place to shore up its network security. Although the hack did not involve the Internet, the case did generate media coverage that got the attention of web security experts. The FBI, for its part, began expanding its cyber crime capabilities and global footprint.

FBI Special Agent Andrew Black, who back in 1994 was part of a white collar crime squad in the FBI’s San Francisco Office, recalled that he became involved in the New York-based investigation when it was discovered that some of the money moved out of the bank by the hacker had ended up in several San Francisco bank accounts.

“At the time,” Black said, “we didn’t have a cyber crime team in the office, so the white collar crime route seemed the most logical way to go.” He remembered that in August 1994, after identifying the owners of the bank accounts as Russian nationals Evygeny and Ekaterina Korlokova—who had an apartment in San Francisco—Ekaterina attempted to withdraw funds from one of the accounts. “Because the account had been frozen, she wasn’t able to get the money,” he said. Ekaterina went back to her apartment and started packing her bags. Black said when he and an FBI interpreter went to her residence to arrest her, her suitcases were in the hallway and she had a one-way ticket to Russia.

And where was her husband? Black said Evygeny had flown back to Russia, “leaving his young wife alone in the U.S. to withdraw the illegal funds from their bank accounts.” But Ekaterina, who agreed to cooperate in the investigation, managed to convince him to return—according to Black, she “read him the riot act over the phone … in Russian, of course.” He returned, was arrested, and agreed to cooperate as well.

Black remembered that the case garnered a great deal of attention at the time, “which was good, because it resulted in a lot more focus on network security.” After it ended, he gave presentations on it to raise general awareness of an emerging criminal threat. “There was a particularly high demand for the presentation from the banking industry,” he added. In 1995, Black was asked to become a part of the San Francisco FBI’s newly formed computer intrusion squad – one of the FBI’s first.

 Contact the author at smeyerow@optonline.net

For more information about LexisNexis products and solutions connect with us through our corporate site.