Hackers aren’t only targeting businesses in America. In an ongoing investigation that began in March of this year, security company Kaspersky Labs and Interpol say that cyber criminals have been hitting ATMs in Eastern Europe and Russia,emptying cash machines with a unique and specifically timed scam. The above image shows a screenshot of the malicious software used to hack the cash machines.
Video footage from security cameras at infected ATMs shows that the hacks occur only on Sunday and Monday nights and that the criminals gain physical access to the machines by inserting a bootable disk into the system. The ATM is rebooted and the infected malware is uploaded into the system. The hackers wear hoodies, making it difficult to identify them while they are in camera range.
The investigators would not reveal how the machines are opened or how the CDs are loaded into them but, once the malware is active, the criminal enters a specific combination of numbers through the ATMs keyboard. Then the hacker makes a phone call and receives instructions for entering another set of numbers. Essentially using a two step verification process. Since the on site criminals can only gain access after the phone call, they can’t perform the operation alone. Once the correct set of numbers has been entered, the machine gives out the cash.
The entire operation takes about four minutes, according to Mr. Kaspersky. His firm continues to help Russian police in the ongoing investigation. Interpol has alerted the member countries that have been affected. US regulators have been warned of this spreading pattern of cyber attacks, targeting teller machines.
Source: The Wall Street Journal