Hackers have developed USB drives which can infect ATMs with malware allowing them to withdraw bundles of cash within a matter of minutes.
The hackers cut out a piece from the frame of the machine, exposing a USB port through which they insert the USB drive containing the software and covered up the hole.
The USB allows the user to type in a 12-digit code which would then bring up a new screen on the machine telling them how many of each denominations of notes was available in that particular ATM. It would then offer “withdrawal” options for each.
[related-posts]
The thieves could then target the biggest denominations, taking the most money in the smallest amount of time.
The malware were reported by two researchers at the Chaos Computing Congress of international hackers held in Hamburg, Germany.
The hackers not only had the capacity to extract cash directly, but also intercept information such as customer PIN details or account data.
According to the researchers, the criminals did not even trust each other, requiring those who approached the machines to not only enter the initial 12-digit code but also another code which they could only be told from their headquarters by phone when they were at the machine. If they entered the first code, they had only three minutes to secure the second set of numbers before the machine returned to normal.
A number of thefts came to light in July after a financial institution noticed several of its ATMs were being emptied despite their use of safes to protect the cash inside. The USB was located and examined to find out how the scam worked.
Source: www.irishexaminer.com