
SoylentNews is people

posted by on Thursday April 06 2017, @02:03AM
from the i'll-take-two dept.

Two Soylentils submitted stories about recently-disclosed attacks against ATMs [Automated Teller Machines].

Self-Deleting Malware Makes ATMs Spit out Cash

Security researchers have uncovered one of the most sophisticated ATM heists to date, involving a group of cyber criminals specialized in hacking bank networks using fileless malware, and ATM malware that spits out cash and then self-deletes.

These ATM heists are the work of a group of hackers that's been active for years. Most recently, starting in 2016, this group has switched to using legitimate Windows apps and fileless malware to hack into government agencies and banks in at least 40 countries.

Because those attacks used stealthy techniques that left a minimal footprint on infected servers, investigators weren't able to detect what the crooks were after. Nevertheless, they suspected the hackers stole data from infected systems, albeit they didn't know what data.

More clues about these attacks came to light only recently. Security researchers from Kaspersky Lab, the ones who identified the initial attacks this February, believe they uncovered the purpose of some of the bank hacks.

Source: Bleeping Computer

Attackers Physically Drilling Into ATMs to Steal Thousands of Dollars From Banks

Attackers are using drills to physically compromise ATMs so that they can steal thousands of dollars from the financial institutions operating them.

In the fall of 2016, a bank client revealed to Kaspersky Lab one of their ATMs that attackers had emptied. The only indication of physical tampering was a golf ball-sized hole someone had drilled into the machine next to the PIN pad. Law enforcement later arrested a suspect and found a laptop and cable in their possession.

These discoveries piqued the curiosity of Igor Soumenkov, a researcher at the Russian security firm. He said so at the company's annual Kaspersky Analyst Summit. As quoted by WIRED:

"We wanted to know: To what extent can you control the internals of the ATM with one drilled hole and one connected wire? It turns out we can do anything with it. The dispenser will obey and dispense money, and it can all be done with a very simple microcomputer."

To get to the bottom of Soumenkov's question, Kaspersky's researchers transported the same ATM model to their lab and removed the machine's front panel to look inside. They found a wire that connected all the ATM's components, from the user interface to the cash dispenser. From their subsequent analysis, they also identified only a weak XOR cipher and no suitable authentication protecting the communications exchanged between these components.

WIRED's Andy Greenberg puts this setup into perspective:

"In practical terms, that means any part of the ATM could essentially send commands to any other part, allowing an attacker to spoof commands to the dispenser, giving them the appearance of coming from the ATM's own trusted computer."

Source: Tripwire's "The State of Security" Blog
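
The finding above (a weak XOR cipher and no authentication between components) is the gap that message authentication closes. The following is an added example, not code from either article or from Kaspersky, and it does not model any real ATM protocol: the frame layout, the Receiver class and the sample command are assumptions made for illustration. It shows a receiving component that drops frames lacking a valid HMAC-SHA256 tag or a fresh counter, next to XOR scrambling, which decodes altered bytes without complaint.

```python
import hashlib, hmac, os, struct

TAG_LEN = 32  # HMAC-SHA256 tag size in bytes

def xor_obfuscate(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR: reversible scrambling with no proof of origin."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def seal(key: bytes, counter: int, command: bytes) -> bytes:
    """Frame = 8-byte counter || command || HMAC-SHA256(key, counter || command)."""
    body = struct.pack(">Q", counter) + command
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Hypothetical receiving component that only acts on authentic, fresh frames."""
    def __init__(self, key: bytes):
        self.key, self.last_counter = key, 0

    def accept(self, frame: bytes):
        """Return the command bytes, or None if the frame must be dropped."""
        if len(frame) < 8 + TAG_LEN:
            return None                      # too short to hold counter and tag
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None                      # sender lacks the key, or frame altered
        counter = struct.unpack(">Q", body[:8])[0]
        if counter <= self.last_counter:
            return None                      # replay of a previously seen frame
        self.last_counter = counter
        return body[8:]

def demo() -> dict:
    key = os.urandom(32)                     # constructed per-link secret
    rx = Receiver(key)
    good = seal(key, 1, b"STATUS")           # constructed sample command
    results = {
        "genuine": rx.accept(good),
        "replayed": rx.accept(good),
        "altered": rx.accept(good[:8] + b"X" + good[9:]),
        "wrong_key": rx.accept(seal(os.urandom(32), 2, b"STATUS")),
    }
    # XOR alone: a flipped bit on the wire decodes cleanly to different bytes.
    xk = b"\x5a\xa5"                          # constructed XOR key
    wire = bytearray(xor_obfuscate(b"STATUS", xk))
    wire[0] ^= 0x01
    results["xor_decoded"] = xor_obfuscate(bytes(wire), xk)
    return results

if __name__ == "__main__":
    print(demo())
```

The tag only helps if the key is held where a party with access to the internal wiring cannot read it, so key storage and provisioning matter as much as the check itself.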


  • (Score: 4, Funny) by bob_super on Thursday April 06 2017, @02:15AM (1 child)


    I was going to buy the biggest drill bit at Home Depot, but I don't have enough cash on me...

    Curses! Foiled again!

  • (Score: 0) by Anonymous Coward on Thursday April 06 2017, @05:31AM


    The hole needn't be big. The size of a Russian golf ball will do.