Federal authorities said they uncovered an advanced bank heist that defrauded Citigroup of more than $1 million by exploiting a security loophole in the way it handles electronic payments.
The scam worked by simultaneously withdrawing funds from cash advance kiosks maintained in at least 11 casinos located in California and Nevada, according to an indictment unsealed late last week in federal court in San Diego. Alleged ringleader Ara Keshishyan recruited at least 13 people to make transactions from different kiosks in each location. To exploit the weakness, the multiple advance requests had to be near identical and had to be made in the same 60-second window, FBI officials said in a press release.
