A Hacker group named Cobalt have been attacking ATMs in more than a dozen countries in Europe and Asia, including the U.K. and Russia. The “smash and grab” attacks were coordinated from unknown command centers. They don’t require any physical tampering of the ATMs but the hackers do need someone to be present when the attack happens so they can collect the wads of cash from the ATM. Hackers attack huge numbers of ATMs at the same time because they know they can be caught fairly quickly, so they stage it in such a way that they can get cash from as many ATMs as they can before they get shut down.
A key threat is when cyber criminals commit fraud remotely from anywhere globally and attack the whole ATM network without being ‘on the radar’ of security services,says Dmitry Volkov, Group IB’s head of the investigation.
ATM skimmers have become miniscule and thinner, with an extended battery life. Several miniaturized fraud devices have been pulled from compromised cash machines at various ATMs in Europe so far this year.
According to a new report from the European ATM Security Team (EAST), a novel form of mini-skimmer was reported by one country. Pictured below is a device designed to capture the data stored on an ATM card’s magnetic stripe as the card is inserted into the machine. Most card skimmers sit directly on top of the existing card slot, the newer mini-skimmers fit snugly inside the card reader throat. These newer skimmers are difficult to detect.
Mobile-powered skimmers allow thieves to have the stolen card data relayed via text message, meaning they never need to return to the scene of the crime once the skimmer is in place. MP3-based skimmers capture card data as audio waves that specialized software can later convert into card data.
ATM skimmers are still a problem in Europe, even though practically all cash machines there only accept cards that include so-called “chip & PIN” technology. Chip & PIN, often called EMV (short for Eurocard, MasterCard and Visa), is designed to make cards far more expensive and complicated for thieves to duplicate.
Regrettably, the United States is the last of the G-20 nations that has yet to transition to chip & PIN, which means most ATM cards issued in Europe have a magnetic stripe on them for backwards compatibility when customers travel to this country. Quite Naturally, ATM hackers in Europe will ship the stolen card data over to thieves here in the U.S., who then can encode the stolen card data onto fresh (chipless) cards and pull cash out of the machines here and in Latin America.
Countries where the ATM EMV rollout has been completed most losses have migrated away from Europe and are mainly seen in the USA, Asia-Pacific, and Latin America.
One of the easiest ways to protect yourself from ATM skimmers is to cover the PIN pad when you enter your digits.
Just By Texting
There is a calling for businesses and home users to upgrade their Windows XP systems. there is a new technique surfacing in Mexico whereby hackers are able to tap into ATMs by texting.
ATMs are computers that control access to cash, and about 95 percent of them run on versions of Windows XP. Windows XP is slated end April 8, 2014 and the banking industry is facing a serious risk of cyberattacks aimed at their ATM fleet. Hackers are targeting ATMs with increasingly sophisticated techniques.
ATM malware in Mexico, allowed hackers at ATMs to spew cash on demand using an external keyboard. That threat was named Backdoor.Ploutus. Some weeks later, it was discovered that a new variant which showed that the malware had evolved into a modular architecture. The new variant was also localized into the English language, suggesting that the malware author was expanding their franchise to other countries. The new variant was identified as Backdoor.Ploutus.B. The variant of Ploutus allowed hackers to send an SMS to the compromised ATM, then walk up and collect the dispensed cash. This technique is being used in a number of places across the world at this time.
Modern ATMs have enhanced security features, such as encrypted hard-drives, which can prevent these types of installation techniques. However, for older ATMs still running on Windows XP, protecting against these types of attacks is more challenging, especially when the ATMs are already deployed in all sorts of remote locations. Another difficulty that needs to be addressed is the physical security of the computer inside the ATMs. While the ATM’s money is locked inside a safe, the computer generally is not. Without adequate physical security for these older ATMs, the attacker has the upper hand.
Ways to make it difficult for hackers include
- Upgrading to a supported operating system such as Windows 7 or 8
- Providing adequate physical protection and considering CCTV monitoring for the ATM
- Locking down the BIOS to prevent booting from unauthorized media, such as CD ROMs or USB sticks
- Using full disk encryption to help prevent disk tampering
- Using a system lock down solution such as Symantec Data Center Security: Server Advanced (previously known as Critical System Protection)
SmartMetric authentication scanner is the world’s first and only fingerprint scanner inside a credit card.The SmartMetric authentication solution that has a fully functional self powered fingerprint reader built inside a credit card, the company President says ” this is a game changing technological leap that will save financial institutions around the world Billions from fraud.”But like many so called “overnight” successes and breakthrough technologies, SmartMetric has doggedly pursued the development of this technology for a decade. The SmartMetric solution was created to work with existing ATM and in store payment machines using the EMV standard chip on card interface. A person can just simply touche their credit card, a scan is made of their fingerprint and if it is the card owner, then the EMV chip is activated to then work in a standard ATM or retail POS machine. Saying goodbye to old passwords and pins.
A gang of bank ATM skimmers in Australia used new 3D printing technology to make skimming devices that were then used to steal around $100,000. New South Wales police force has said that thousands of customers from two banks were fleeced after at least 15 ATMs were targeted.
The gang, which the police suspects is Romanian, is said to have used “sophisticated” devices using 3D printers and computer-aided design (CAD) systems. Detective superintendent Col Dyson, commander of the New South Wales fraud and cybercrime squad, told iTnews the alleged gang used one particularly “sophisticated” skimming device that was entirely self-contained and accompanied by a tiny video camera.
Dyson said, “These devices are actually manufactured for specific models of ATMs so they fit better and can’t be detected as easily.”
He told iTnews, “Previous devices have always had wires hanging off them. One of the ones used in this case does have wires hanging off it, that’s because of the design of the ATM. But the smallest one is quite impressive in that it is contained within a resin block and sealed.”
The latest ATM’s include features like video chatting with a live teller, receiving change and more.
Bank of America’s new Teller Assist machines, for example, allow a customer to swipe a debit or credit card, driver’s license or photo ID for authentication. A live teller will then surface on the screen to assist the user.
The machines are supposed be able to perform about 80% of the services a traditional teller can.