Two researchers speaking at the Chaos Computing Congress in Hamburg, Germany have revealed an elaborate caper carried out by a gang of hackers that saw ATM machines being emptied of their cash in an undisclosed European country.
At some point in 2013, hackers came up with an elaborate scheme that would give them complete control of ATM machines from an unknown bank in Europe. The plan involved cutting a hole into the actual machine to gain access to a USB port and then inserting a thumb drive with malware into it. After entering a 12 digit code, a custom user interface would pop up that gave them control of the machine. Amongst the tools at their disposal was a readout of just how much cash was contained in the ATMs safe by denomination, and controls to release specific amounts of each bank note.
When the thieves were done they would remove the drive, cover up the hole and the machine would return to normal operations.
The plot was uncovered in July when the unnamed bank noticed its ATM safes were empty. Additional surveillance was posted around the machines in question which finally revealed what was happening. The thieves had continued to use the same machines over and over as it allowed them to skip the process of having to cut new holes.
Proving that there is no honor amongst criminals, it seems that going through the infected files after they were discovered revealed that no one could pull this job off alone. Once the drive was inserted into the port, a series of numbers would be displayed on the screen. The operator would then have to call another member of the gang to be told the correct numeric response to those numbers to activate the interface. Apparently there was a fear that someone from the group would take the drive assigned to them and go rogue.
The two researchers, both of whom declined to be named, said that the hack showed the criminals had "profound knowledge" of the target ATMs. And while there was a lot of security on the hackers side, including the fact the malware was extremely hard to deconstruct, the same policies didn't extend to the file names. The main file involved in the hack was revealed to be named "hack.bat."
We're all left to wonder if all of the ATMs have been repaired by this time, but we're sure there are some developers working on far more extensive security software at this point.
Add magic to your living space with these string lights
String lights add personality and soft light to your living space. Here are some of the best.
Disguise your little one with the help of a themed costume
From avocado halves to hoppy bunnies, costumes speak to every child's unique spirit. And we've collected our favorite options.
The Galaxy S20 Ultra's Space Zoom camera is amazing and a bit creepy
The Galaxy S20 Ultra supports up to 100X zoom, which Samsung calls Space Zoom, but is it any good? Can a phone really product usable photos at 100x zoom? We've got our Galaxy S20 Ultra already so join us to find out!
Illustrate your brilliant ideas on the best whiteboards
Teaching, training, and brainstorming represent a fraction of activities that involve a lot of writing and erasing. What better medium to use than a whiteboard? We have a collection of some of the best whiteboards available today.