Latest News Editor's Choice


Technology / Computers

How hackers are breaking into ATMs, stealing money - Video

by Staff reporter
08 Oct 2014 at 10:17hrs | Views
Kaspersky Lab's experts recently performed a forensic investigation into cyber-criminal attacks targeting ATMs around the world.

During the course of the investigation, the company's researchers discovered a piece of malware infecting ATMs that allows attackers to empty the cash machines via direct manipulation.

They work at night - only on Sundays and Mondays. Without inserting a card into the ATM slot, they enter a combination of digits on the ATM's keyboard, make a call to receive further instructions from an operator, enter another set of numbers, and the ATM starts giving out cash, lots of cash. Then they leave.
How the attacks played out

The criminals work in two stages. First, they get physical access to the ATMs and insert a bootable CD to install the malware - code named Tyupkin by Kaspersky Lab. After they reboot the system, the infected ATM is under their control.

After a successful infection, the malware runs in an infinite loop waiting for a command. To make the scam harder to spot, Tyupkin malware only accepts commands at specific times on Sunday and Monday nights. During those hours the attackers are able to steal money from the infected machine.

Video footage obtained from security cameras at the infected ATMs showed the methodology used to access cash from the machines.

A unique digit combination key based on random numbers is freshly generated for every session. This ensures that no person outside the gang can accidentally profit from the fraud.

The malicious operator then receives instructions by phone from another member of the gang who knows the algorithm and is able to generate a session key. This ensures that the mules collecting the cash do not try to go it alone.

When the key is entered correctly, the ATM displays details of how much money is available in each cash cassette, inviting the operator to choose which cassette to rob. After this, the ATM dispenses 40 banknotes at a time from the chosen cassette.

The video shows how this attack works on a real ATM.


Source - mybroadband