How Cybercriminals can Steal Money from Malware-infected ATMs


securitybreach

Cybercrime can mean big money for hackers. No one is in any doubt about that.

But what is unusual is for the attackers to get their hands directly on hard cash, rather than raiding an online bank account, exploiting stolen credit card numbers or hijacked PCs, or selling on stolen intellectual property to others.

 

But, according to new reports, malicious hackers have managed to cut all the pfaffing about, and are now emptying high street ATMs of cash, and stealing millions in the process.

 

A malicious trojan horse dubbed Backdoor.MSIL.Tyupkin is helping criminals steal cash from ATMs running a 32-bit version of Windows, according to researchers at Kaspersky Lab. The researchers say that the ATM-attacking Tyupkin malware was found running on more than 50 cash machines in Eastern Europe earlier this year, and seems to have already popped its head up in the United States, as well as other nations, including India and China.

 

The security firm discovered the malware in an investigation at the request of a financial institution. Interpol has already alerted countries in Asia, Europe and Latin America and is carrying out an investigation. Director of Interpol’s digital crime center Sanjay Virmani stated:

“Offenders are constantly identifying new ways to evolve their methodologies to commit crimes, and it is essential that we keep law enforcement in our member countries involved and informed about current trends and modus operandi.”

The researchers explained the hack can force ATM machines to dispense 40 notes at a single time. The initiation requires hackers to physically access the cash machine, in order to install the Tyupkin malware via a bootable CD ROM.

Once the Tyupkin malware is installed, a gang member can be sent to the infected machine to enter two codes on the keypad. One is known to the robber, but the other is a unique code generated randomly from a remote location via an algorithm.

 

The cash machine only dispenses notes when the second code is entered, giving the remote criminal visibility and control over the frequency and instances of these withdrawals. The requirement for a second code also ensures that no-one outside the hacking group can profit from the crime.

 

http://blogs.intrali...-infected-atms/
