13 February 2016

Crooks use USB sticks to infect ATMs and steal cash

06 January 2014  |  6674 views  |  2 ATM

Cyber-crooks have been cutting open ATMs to get to USB ports and installing malware which lets them empty the machines of cash, security researchers have demonstrated.

In a presentation, which can be watched online, at the Chaos Communication Congress, two researchers showed how hackers sliced open the ATMs of an unnamed bank and plugged in USB sticks containing malware.

Once the malware was installed and the ATMs patched up, the crooks used a 12-digit code to access a special interface on the machines which displayed a breakdown of how much money, and in what denominations, was in them.

With no honour among thieves, the malware required crooks to enter a second, one-time code to withdraw cash, which had to be obtained by phoning the gang leaders.

When the targeted bank realised that its ATMs were being hit, it stepped up surveillance and caught a man trying to cash out a machine. He was arrested with a malware-holding USB stick on him which was given to the security researchers for analysis.

The analysis suggests that the malicious code was designed only to remove cash - not to steal card data - and was written by a large and skilled team with a deep knowledge of ATMs, say the researchers. It had been written specifically to target one bank but could be of use against other machines running Windows XP.

Comments: (2)

Mark Sitkowski
Mark Sitkowski - Design Simulation Systems Ltd - Melbourne | 07 January, 2014, 04:35

Let me see if I understand this:

Two guys turn up at a bank, with a blowtorch, a five foot high acetylene bottle, and an oxygen bottle, and cut the corner off the cast iron ATM case. They then insert a USB stick, and carefully weld up the hole they made earlier. Right?

I have to ask myself whether even my bank would have noticed that something was wrong...

2 thumb ups! 2 thumb ups! (Log in to thumb up)
Vernon Crabtree
Vernon Crabtree - Equens - Utrecht | 08 January, 2014, 10:15

I always thought it was a risk that the steel around the housing of the electronics is thinner than the safe.  The air-vents look particularly easy to cut into.

If this sort of thing continues, it is another nail in the coffin for cash.


Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related blogs

Create a blog about this story (membership required)

Related stories

11 December, 2013
19 November, 2013
12 November, 2013
15 October, 2013
29 July, 2013
27 March, 2013
29 July, 2010
01 July, 2009

Top topics

Most viewed Most shared
UK sets out open banking API frameworkUK sets out open banking API framework
16321 views comments | 106 tweets | 91 linkedin
Deutsche Bank calls for co-operation with fintech firms on B2B servicesDeutsche Bank calls for co-operation with...
9078 views comments | 30 tweets | 30 linkedin
How to accelerate your fintech startupHow to accelerate your fintech startup
8636 views comments | 35 tweets | 10 linkedin
Is Paym a failure?Is Paym a failure?
7196 views 16 comments | 23 tweets | 16 linkedin
Visa issues API to offer consumer control over card transactionsVisa issues API to offer consumer control...
6570 views comments | 17 tweets | 28 linkedin

Featured job

up to £95K base, £190K OTE, benefits
London, UK

Find your next job