18 December 2017
visit www.aciworldwide.com

Crooks use USB sticks to infect ATMs and steal cash

06 January 2014  |  7573 views  |  2 ATM

Cyber-crooks have been cutting open ATMs to get to USB ports and installing malware which lets them empty the machines of cash, security researchers have demonstrated.

In a presentation, which can be watched online, at the Chaos Communication Congress, two researchers showed how hackers sliced open the ATMs of an unnamed bank and plugged in USB sticks containing malware.

Once the malware was installed and the ATMs patched up, the crooks used a 12-digit code to access a special interface on the machines which displayed a breakdown of how much money, and in what denominations, was in them.

With no honour among thieves, the malware required crooks to enter a second, one-time code to withdraw cash, which had to be obtained by phoning the gang leaders.

When the targeted bank realised that its ATMs were being hit, it stepped up surveillance and caught a man trying to cash out a machine. He was arrested with a malware-holding USB stick on him which was given to the security researchers for analysis.

The analysis suggests that the malicious code was designed only to remove cash - not to steal card data - and was written by a large and skilled team with a deep knowledge of ATMs, say the researchers. It had been written specifically to target one bank but could be of use against other machines running Windows XP.

Comments: (2)

Mark Sitkowski
Mark Sitkowski - Design Simulation Systems Ltd - Melbourne | 07 January, 2014, 04:35

Let me see if I understand this:

Two guys turn up at a bank, with a blowtorch, a five foot high acetylene bottle, and an oxygen bottle, and cut the corner off the cast iron ATM case. They then insert a USB stick, and carefully weld up the hole they made earlier. Right?

I have to ask myself whether even my bank would have noticed that something was wrong...

2 thumb ups! 2 thumb ups! (Log in to thumb up)
Vernon Crabtree
Vernon Crabtree - Equens - Utrecht | 08 January, 2014, 10:15

I always thought it was a risk that the steel around the housing of the electronics is thinner than the safe.  The air-vents look particularly easy to cut into.

If this sort of thing continues, it is another nail in the coffin for cash.

 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Cyber-crime cops bust malware ring behind £1 million bank thefts

Cyber-crime cops bust malware ring behind £1 million bank thefts

11 December 2013  |  5633 views  |  0 comments | 8 tweets | 5 linkedin
Five more arrests made in $45 million ATM cyberheist

Five more arrests made in $45 million ATM cyberheist

19 November 2013  |  4326 views  |  0 comments | 4 tweets | 5 linkedin
UK malware fraudsters convicted

UK malware fraudsters convicted

12 November 2013  |  5208 views  |  0 comments | 2 tweets | 11 linkedin
South African POS terminals infected with Dexter malware

South African POS terminals infected with Dexter malware

15 October 2013  |  7750 views  |  0 comments | 4 tweets | 6 linkedin
White hat ATM hacker Barnaby Jack dies

White hat ATM hacker Barnaby Jack dies

29 July 2013  |  5206 views  |  0 comments | 2 tweets
Slovenian cops arrest five over EUR2m malware scam

Slovenian cops arrest five over EUR2m malware scam

27 March 2013  |  5158 views  |  0 comments | 4 tweets
Researcher shows off ATM 'jackpot' hacks

Researcher shows off ATM 'jackpot' hacks

29 July 2010  |  12638 views  |  0 comments
Cash machine 'jackpot' demo pulled at request of ATM vendor

Cash machine 'jackpot' demo pulled at request of ATM vendor

01 July 2009  |  12810 views  |  1 comments

Related blogs

Create a blog about this story (membership required)
visit www.atos.netvisit www.niceactimize.comvisit www.thomsonreuters.info

Top topics

Most viewed Most shared
satelliteRipple completes XRP Lockup
11293 views comments | 3 tweets | 4 linkedin
Banks tap Ethereum smart contracts for MiFID II complianceBanks tap Ethereum smart contracts for MiF...
10302 views comments | 21 tweets | 25 linkedin
Banks and fintech startups join forces on blockchain-based supply chain pilotBanks and fintech startups join forces on...
7799 views comments | 19 tweets | 22 linkedin
Digital banking startup Loot secures £2.2 million seed roundDigital banking startup Loot secures £...
7521 views comments | 5 tweets | 11 linkedin
Nordea takes Open APIs into live productionNordea takes Open APIs into live productio...
7437 views comments | 6 tweets | 26 linkedin

Featured job

Competitive base, commission, benefits
London, UK

Find your next job