Stories
Slash Boxes
Comments

SoylentNews is people

posted by on Thursday April 06 2017, @02:03AM   Printer-friendly
from the i'll-take-two dept.

Two Soylentils submitted stories about recently-disclosed attacks against ATMs [Automated Teller Machines].

Self-Deleting Malware Makes ATMs Spit out Cash

Security researchers have uncovered one of the most sophisticated ATM heists to date, involving a group of cyber criminals specialized in hacking bank networks using fileless malware, and ATM malware that spits out cash and then self-deletes.

These ATM heists are the work of a group of hackers that's been active for years. Most recently, starting 2016, this group has switched to using legitimate Windows apps and fileless malware to hack into government agencies and banks in at least 40 countries.

Because those attacks used stealthy techniques that left a minimal footprint on infected servers, investigators weren't able to detect what the crooks were after. Nevertheless, they suspected the hackers stole data from infected systems, albeit they didn't know what data.

More clues about these attacks came to light only recently. Security researchers from Kaspersky Lab, the ones who identified the initial attacks this February, believe they uncovered the purpose of some of the bank hacks.

Source: Bleeping Computer

Attackers Physically Drilling Into ATMs to Steal Thousands of Dollars From Banks

Attackers are using drills to physically compromise ATMs so that they can steal thousands of dollars from the financial institutions operating them.

In the fall of 2016, a bank client revealed one of their ATMs that attackers had emptied to Kaspersky Lab. The only indication of physical tampering was a golf ball-sized hole someone had drilled into the machine next to the PIN pad. Law enforcement later arrested a suspect and found a laptop and cable in their possession.

These discoveries piqued the curiosity of Igor Soumenkov, a researcher at the Russian security firm. He said so at the company's annual Kaspersky Analyst Summit. As quoted by WIRED:

"We wanted to know: To what extent can you control the internals of the ATM with one drilled hole and one connected wire? It turns out we can do anything with it. The dispenser will obey and dispense money, and it can all be done with a very simple microcomputer."

To get to the bottom of Soumenkov's question, Kaspersky's researchers transported the same ATM model to their lab and removed the machine's front panel to look inside. They found a wire that connected all the ATM's components, from the user interface to the cash dispenser. From their subsequent analysis, they also identified only a weak XOR cipher and no suitable authentication protecting the communications exchanged between these components.

WIRED's Andy Greenberg puts this setup into perspective:

"In practical terms, that means any part of the ATM could essentially send commands to any other part, allowing an attacker to spoof commands to the dispenser, giving them the appearance of coming from the ATM's own trusted computer."

Source: Tripwire's "The State of Security" Blog


Original Submission #1 Original Submission #2

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Funny) by Anonymous Coward on Thursday April 06 2017, @08:19AM (2 children)

    by Anonymous Coward on Thursday April 06 2017, @08:19AM (#489565)

    investigators weren't able to detect what the crooks were after.

    Hmmm, I don't know… perhaps money?

    Starting Score:    0  points
    Moderation   +1  
       Funny=1, Total=1
    Extra 'Funny' Modifier   0  

    Total Score:   1  
  • (Score: 0) by Anonymous Coward on Thursday April 06 2017, @09:39AM (1 child)

    by Anonymous Coward on Thursday April 06 2017, @09:39AM (#489590)

    Actually, they don't know what the crooks were after. It was not money, for fiat money does not exist. It is a piece of paper with some number written on it (and these days only a value in a spread sheet), and the signature and seal of somebody who was given the right to print money by traitors.

    • (Score: 2) by requerdanos on Thursday April 06 2017, @03:56PM

      by requerdanos (5997) Subscriber Badge on Thursday April 06 2017, @03:56PM (#489704) Journal

      fiat money does not exist. It is a piece of paper with some number written on it (and these days only a value in a spread sheet), and the signature and seal of somebody who was given the right to print money by traitors.

      Hear, hear; I'm totally with you.

      Except...

      the coins/pieces of paper exist... check.
      they are divisible via denominations or similar... check.
      the have agreed-upon value... check.
      they can be readily exchanged... check.
      they store that value to be saved and used later... check.
      they provide a unit of account, providing a base for pricing... check.

      ... in other words, despite having little to no inherent value in its materials nor workmanship, fiat money is money [imf.org] by definition.

      In the above link, the IMF admits that "Fiat money is materially worthless", but points out that it "has value... because a nation collectively agrees to ascribe a value to it."

      And if I were running an ATM, I would be unhappy if someone found a way to target and arbitrarily remove its banknotes regardless of what they were specifically after.