A new level of threat in ATMs

Posted by Keith McMillan

June 11, 2009 | Leave a Comment

In a recent post I talked about ATM skimming devices. It seems from a recent article in Wired that theives have taken ATM fraud to a new high. In Europe machines have been found that have been compromised with modified software, which eliminates the need for card skimmers or cameras.  It requires someone with insider access to install the software on the machine, but it definitely ups the ante quite a bit.

The malware captures account numbers and PINs from the machine’s transaction application and then delivers it to the thief on a receipt printed from the machine in an encrypted format or to a storage device inserted in the card reader. A thief can also instruct the machine to eject whatever cash is inside the machine. A fully loaded ATM can hold up to $600,000.

Where before you stood a chance of spotting a card skimming device on your neighborhood ATM, with this scheme you really have no idea whether the machine has been compromised, since it’s all in software.

The good news is it seems like more recent ATM machines have newer security measures that make the attack ineffective.  On the other hand, how long has your bank had their current ATMs?

[ Original story at Wired ]


RSS feed | Trackback URI

Comments »

No comments yet.

Name (required)
E-mail (required - never shown publicly)
Your Comment (smaller size | larger size)
You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> in your comment.