Watch a 22-minute DEF CON conference talk exploring how security researchers exploited vulnerabilities in Norwegian banking systems through simple paper-based identity verification methods. Discover the shocking revelation of how unauthorized access was gained to personal bank accounts at Norway's largest bank in 2021 using only a single-page paper form sent via traditional mail, allowing complete access to account transactions spanning a decade and potential fund theft. Learn why a similar exploit was still possible with another bank in 2024, highlighting the persistent vulnerabilities in banking security systems. Examine the critical importance of proper paper-based identification processes and the valuable lessons learned from these security assessments that demonstrate how traditional verification methods remain relevant in our digital age.
Overview
Syllabus
DEF CON 32 - Fool us Once, fool us twice Hacking Norwegian Banks - Per Thorsheim
Taught by
DEFCONConference