Barclays bank heist ringleader jailed for five-and-a-half years

Filed Under: Featured, Law & order, Security threats

The man at the head of a gang responsible for a string of thefts and frauds from UK banks, including one haul of at least £1.25 million in a single day, has been sentenced to five years and six months in prison.

48-year-old Tony Colston-Hayter, described in several reports as an "Acid House King" thanks to his involvement in the dance music scene in the 1980s, led a gang of over a dozen and was involved in multiple fraud and theft operations.

These included accessing bank computers by attaching KVM (keyboard-video-mouse) kit, allowing the fraudsters remote access to the systems.

In one incident at a branch of Barclays this method was used to siphon £1.25 million into accounts set up by the gang. More than half of the haul has yet to be recovered.

The gang's operations spanned 2012 and 2013. Police began to close in during September 2013, picking up 12 suspects after a failed attempt to gain access to computers at a branch of Santander bank in southeast London.

Further arrests were made a week later, and details soon emerged of the successful theft from Barclays bank's Swiss Cottage branch, also in London, first reported to police in April of 2013.

→ A KVM device acts as a repeater for the keyboard, video display and mouse of a computer. KVMs are commonly used to allow one keyboard, mouse and monitor to control multiple computers, with the KVM device acting as a switch. Early KVMs used long cables to allow distant computers to be controlled; these days, KVMs commonly use the internet for delivering remote keypresses to the connected device, and for sending back remotely what a local user would see on the screen. This means the person controlling the KVM (which effectively controls the computers it is plugged into) can be off-site: a benefit in an emergency, but an obvious liability if a rogue KVM is connected to the netork.

In this case an employee of the bank, Duane Jean-Jacques, was accused of being an "inside man" and helping to get the device attached to the branch manager's PC, but he was later cleared of all charges.

A few months later another branch of Barclays was compromised in a similar fashion, and over £90,000 stolen.

The gang went on trial in February and convictions were handed down in mid-March.

Sentencing has now been passed on most of them; alongside Colston-Hayter a second man, 53-year-old Steven Hannah, will also serve over five years, while another seven gang members received sentences ranging from three years to "time served" or suspended sentences.

One man, 25-year-old Putney resident Lanre Mullins-Abudu, contested the charges brought against him and as a result was given a rather longer sentence of 8 years. Several more gang members still await sentencing.

Colston-Hayter's defense rested on claims that serious drug addiction and related debts forced him into a life of crime.

In a searches of his flat and properties belonging to other gang members, police recovered evidence related to the banks heists and a range of other crimes, including phone phishing and intercepting bank mail to steal customer information and bank cards.

The range of crimes linked to the gang provides further evidence that computer crime is no longer a standalone field only accessible to experts, but is steadily merging into the mainstream of criminal activity.


Image of Barclays courtesy of Shutterstock.

Image of hands on bars courtesy of Shutterstock.

, , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

John Hawes is Chief of Operations at Virus Bulletin, running independent anti-malware testing there since 2006. With over a decade of experience testing security products, John was elected to the board of directors of the Anti-Malware Testing Standards Organisation (AMTSO) in 2011.