02 July 2015

Crooks use USB sticks to infect ATMs and steal cash

06 January 2014  |  6246 views  |  2 ATM

Cyber-crooks have been cutting open ATMs to get to USB ports and installing malware which lets them empty the machines of cash, security researchers have demonstrated.

In a presentation, which can be watched online, at the Chaos Communication Congress, two researchers showed how hackers sliced open the ATMs of an unnamed bank and plugged in USB sticks containing malware.

Once the malware was installed and the ATMs patched up, the crooks used a 12-digit code to access a special interface on the machines which displayed a breakdown of how much money, and in what denominations, was in them.

With no honour among thieves, the malware required crooks to enter a second, one-time code to withdraw cash, which had to be obtained by phoning the gang leaders.

When the targeted bank realised that its ATMs were being hit, it stepped up surveillance and caught a man trying to cash out a machine. He was arrested with a malware-holding USB stick on him which was given to the security researchers for analysis.

The analysis suggests that the malicious code was designed only to remove cash - not to steal card data - and was written by a large and skilled team with a deep knowledge of ATMs, say the researchers. It had been written specifically to target one bank but could be of use against other machines running Windows XP.

Comments: (2)

Mark Sitkowski - Design Simulation Systems Ltd - Melbourne | 07 January, 2014, 04:35

Let me see if I understand this:

Two guys turn up at a bank, with a blowtorch, a five foot high acetylene bottle, and an oxygen bottle, and cut the corner off the cast iron ATM case. They then insert a USB stick, and carefully weld up the hole they made earlier. Right?

I have to ask myself whether even my bank would have noticed that something was wrong...

2 thumb ups! 2 thumb ups! (Log in to thumb up)
Vernon Crabtree - Equens - Utrecht | 08 January, 2014, 10:15

I always thought it was a risk that the steel around the housing of the electronics is thinner than the safe.  The air-vents look particularly easy to cut into.

If this sort of thing continues, it is another nail in the coffin for cash.


Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related blogs

Create a blog about this story (membership required)

Related stories

11 December, 2013
19 November, 2013
12 November, 2013
15 October, 2013
29 July, 2013
27 March, 2013
29 July, 2010
01 July, 2009

Top topics

Most viewed Most shared
Global fintech investment triples - Accent...
9116 views comments | 47 tweets | 27 linkedin
Barclays takes on Apple with wearable paym...
8122 views comments | 38 tweets | 32 linkedin
Wells Fargo to usher in voice and facial b...
6258 views comments | 20 tweets | 25 linkedin
European ACHs form Sepa joint venture
5226 views comments | 22 tweets | 15 linkedin
UK payments regulator calls for 'pipes and...
4903 views comments | 25 tweets | 17 linkedin

Featured job

£excellent basic with £200,000 OTE + Benefits

Find your next job