Stories
Slash Boxes
Comments

SoylentNews is people

ATM Hackers Have Picked Up Some Clever New Tricks

posted by chromas on Monday August 17 2020, @09:30PM   Printer-friendly
from the press-button-receive-bacon dept.

upstart writes in with an IRC submission:

ATM Hackers Have Picked Up Some Clever New Tricks:

At last week's Black Hat and Defcon security conferences, researchers dug through recent evolutions in ATM hacking. Criminals have increasingly tuned their malware to manipulate even niche proprietary bank software to cash out ATMs, while still incorporating the best of the classics—including uncovering new remote attacks to target specific ATMs.

During Black Hat, Kevin Perlow, the technical threat intelligence team lead at a large, private financial institution, analyzed two cash-out tactics that represent different current approaches to jackpotting. One looked at the ATM malware known as INJX_Pure, first seen in spring 2019. INJX_Pure manipulates both the eXtensions for Financial Services (XFS) interface—which supports basic features on an ATM, like running and coordinating the PIN pad, card reader, and cash dispenser—and a bank's proprietary software together to cause jackpotting.

[...] Perlow also looked at FASTCash malware, used in jackpotting campaigns that the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency attributed to North Korean hackers in October 2018. North Korea has used the malware to cash out tens of millions of dollars around the world, which coordinated groups of money mules then collect and launder. FASTCash targets not the ATMs themselves but a financial card transaction standard known as ISO-8583. The malware infects software running on what are known as "payment switches," finance infrastructure devices that run systems responsible for tracking and reconciling information from ATMs and responses from banks. By infecting one of these switches rather than attacking an individual ATM, FASTCash attacks can coordinate cash-outs from dozens of ATMs at once.

"If you can do this, then you no longer have to put malware on 500 ATMs," Perlow says. "That's the advantage, why it’s so clever."

[...] "What has fundamentally changed between when Barnaby Jack presented and now?" Red Balloon's Cui says. "The same types of attacks that would have worked against laptops and laptop operating systems 15 years ago largely wouldn't work now. We've leveled up. So why is it that the machine that holds the money has not evolved? That’s incredible to me."

Original Submission

 
This discussion has been archived. No new comments can be posted.
ATM Hackers Have Picked Up Some Clever New Tricks | Log In/Create an Account | Top | 10 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: -1, Spam) by Anonymous Coward on Tuesday August 18 2020, @10:50PM

    by Anonymous Coward on Tuesday August 18 2020, @10:50PM (#1038574)

    Marissa Van Eck FAKENAME NIGGER CUNT Azuma Hazuki: So "that was NOT me posting" https://soylentnews.org/comments.pl?noupdate=1&sid=37033&page=1&cid=985641#commentwrap [soylentnews.org] which YES, you said when you LIBELED me publicly BEFORE it with YOU saying "So that's a "yes" to schizophrenia/schizoaffective disorder and a "no" to "am taking meds for said disorder" LIBELING ME then...?" per YOUR https://soylentnews.org/comments.pl?noupdate=1&sid=37033&page=1&cid=982854#commentwrap [soylentnews.org] you stupid pitiful FAKENAME fuck online LIAR piece of fucking SHIT NIGGER?

    OR

    Was it when I GOT YOUR REAL NAME & found you are a satanist/anti-god HERE https://redeeminggod.com/sermons/luke/luke_7_36-50/#comment-269796 [redeeminggod.com] also which most ALL you "LEFTIST" LOSER weirdos usually are (which YES, in THIS other exchange "Why do you assume that you finding discussion threads on other sites with me in them will scare me?" quoted from https://soylentnews.org/comments.pl?noupdate=1&sid=38720&page=1&cid=1028402#commentwrap [soylentnews.org] you DID admit FINALLY to saying it was you - ESPECIALLY AFTER dozens of doctors RECENTLY seconded me on Hydroxychloroquin + Zinc (& Vitamin D3 imo along w/ other things I noted that are anti-viral + antibacterial like RAW GARLIC too)).

    Do me a favor - DENY ANY OF THOSE, please & I will continue PROVING YOU ARE A NIGGER SHITBAG LOSER, devil... as I already DID here https://soylentnews.org/comments.pl?noupdate=1&sid=38720&page=1&cid=1028211#commentwrap [soylentnews.org]

    The TRUE BEAUTY of SATANIST FUCKS like YOU (antigod assholes)? TRUTH & FACT DESTROYS LIBELOUS DEVILS LIKE YOU - just like I did you & OTHER AHOLES who doubted what I wrote on what is NOW PROVEN TRUE by DOCTORS, admitted in mainstream media etc. (as I showed in those links' exchanges above easily) & especially LATELY by DOZENS of doctors (I have proof from pros - NOT LIBEL like you did to me PUBLICLY & I can still FRY YOU FOR IT FUCKER, live in fear fuck) MINUS any psych pros backing you.

    SAY 1 THING, YOU STINKING LIBELOUS NIGGER FUCK & I will CONTINUE LEVELLING YOU PUBLICLY with facts - not libel as you tried on me, stupid "Marissa von DUMBO", lol - please, say 1 thing & the BEATING on you, PUBLICLY will continue in this thread where you will have a HELL of a TIME "downmod burying it" via downmod brigades doubtless ONLY yourself via multiple sockpuppet accounts etc. (downodding to HIDE it? FORGET IT vs. me - everyone sees you @ it now, lol - thanks, just as I SAID "your kind", demonic SWINE/antigod LOSERS, always do).

    WHY SHOULD YOU FEAR LIBELING ME PROJECTING IT NOW, TRYING TO HIDE IT TOO?

    TOUGH HIDING YOU LIED about LIBELING ME, especially via INHERENTLY DAMAGING STATEMENTS libeling me as you did see GOLDWATER RULE below too fuckface CUNT you are (wikipedia proof https://soylentnews.org/comments.pl?noupdate=1&sid=37033&page=1&cid=985366#commentwrap [soylentnews.org] & you said "No jury or judge would back it" here https://soylentnews.org/comments.pl?noupdate=1&sid=37033&page=1&cid=985353#commentwrap? [soylentnews.org] Ok - like I said earlier here which you TRIED TO DOWNMOD HIDE as I knew you HAVE to (everyone sees it anyhow) - TRY ME FUCKER - say 1 thing you COWARDLY STUPID LITTLE FUCK & we'll SEE what happens to you, fuckface CUNT you are).

    As I said "DO YOU WANT TO BE SUED" for breaking the GOLDWATER RULE? See here again https://soylentnews.org/comments.pl?noupdate=1&sid=37033&page=1&cid=985329#commentwrap [soylentnews.org] for YOUR (& everyone else's) reference of YOUR LIBEL of myself

    APK

    P.S.=> Oh, I am going to have a FIELDDAY on YOUR ASS fucker - catching you not ONLY IN LIES above, but also in the fact you are a GODLESS fucking LOSER - come on, say something, question the above where you LIED fucker ("it was not me saying it" but it WAS in those links calling me a nutcase essentially when YOU SAID YOU DID NOT (because it IS grounds for SUING THE LIFE OUT OF YOUR WORTHLESS ASS because your statements are NOT BACKED BY actual psychiatric pros in professional psychiatric grounds LIBELING ME)) - oh, you are NEVER going to LIVE THIS DOWN & believe you me - I am going to MAKE SURE you don't - live with your HUMILIATION loser... apk

    Starting Score:    0  points
    Moderation   -1  
       Spam=1, Total=1
    Extra 'Spam' Modifier   0  
    Total Score:   -1