Search Disaster Preparedness Blog

Entries in ATM (1)

Monday
Jun082009

Malware On ATMs Allowing Criminals To Steal Data and Cash

Approximately 20 ATMs have been found in Europe that have malware on them allowing thieves to steal cash as well as acount data and PINS from account holders.

The ATMs are located mostly in Russia and the Ukraine however their seems to be indications that the Unites States may have compromised ATMS as well.

Since the malware needs to be directly installed onto the ATM an insider is suspected but whether that insider works at a bank, an ATM vendor, a company that services the machines or someone close to an insider is unknown at this time.

The discovery was made by SpiderLabs at Trustwave.

The ATMs were running the Windows XP Operating System and had an executable on them that was masquerading as a legitimate Windows protected storage service, he said. The malware looks at all the data being processed by the ATM and records account information that is stored on the magnetic stripes on cards inserted into the machine and encrypted PIN blocks that are generated when someone types in their personal identification number.

Even though PINs are encrypted, the criminals could potentially intercept the encryption keys exchanged with the bank and use them to decrypt the PINs or even use other methods to decrypt the keys once they have the information.

For more on this story please refer to the reference below.