ATM hacking | Breaking Cybersecurity News | The Hacker News

Criminals will not let any way to cheat an ATM machine out of its cash, as it's one of the easiest way for them to get the hands on cash. ATM skimmers have now discovered a new and high-tech approach to target cash machines directly by inserting a physical notorious device into it instead. According to the Chinese press , two Ukrainian men arrested in Macau for reportedly planting the malicious software program in the seven Macau bank ATMs. This could came out as the quickest method to hack the cash machines. HACKING ATM MACHINES The two accused were arrested this week by the authorities in Macau, a Chinese territory approximately west of Hong Kong, but the two are from Ukraine and had successfully stolen almost $100,000 by corrupting more than seven ATMs with a computer virus. According to the authorities, the men allegedly used a green object device ( as shown in the image ) to carry out the money fraud. They first connected the device to a laptop and then inserted

In March this year, we reported that the major card distributor companies, VISA and Mastercard are migrating to EMV chip cards , also known as PIN-and-Chip cards. Unlike traditional magnetic stripe payment cards, EMV chip cards generates a unique code for every transaction, making it nearly* impossible for criminals to use the card for counterfeit fraud. But Nothing is perfectly secure, even not the PIN-and-Chip based payment cards. All anti-cloning theories were already proven wrong, when a group of researchers found a way to hack the Credit and Debit cards based on the latest Chip-and-Pin technology. Back in 2012, we reported about a research paper entitled " Chip and Skim: cloning EMV cards with the pre-play attack " published ( old paper ) by team of researchers from the University of Cambridge, UK, who demonstrated that Chip and PIN payment card systems are also vulnerable to Card Cloning. The same team of researchers presented their EVM related research last Mond

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

As we reported earlier, Microsoft will stop supporting the Windows XP operating system after 8th April, apparently 95% of the world's 3 million ATM machines are run on it.  Microsoft's decision to withdraw support for Windows XP  poses critical security threat to the economic infrastructure worldwide. MORE REASONS TO UPGRADE Security researchers at Antivirus firm Symantec claimed that hackers can exploit a weakness in Windows XP based ATMs, that allow them to withdraw cash simply by sending an SMS to compromised ATMs. " What was interesting about this variant of  Ploutus  was that it allowed  cybercriminals  to simply send an SMS to the compromised ATM, then walk up and collect the dispensed cash. It may seem incredible, but this technique is being used in a number of places across the world at this time. " researchers said. HARDWIRED Malware for ATMs According to researchers - In 2013, they detected a malware named Backdoor . Ploutus,  installed on ATMs in Mexico, wh

As we have reported you earlier that Microsoft is pulling out their Windows XP support after April 8 2014. Since a vast majority of bank ATMs around the world currently runs on Windows XP, but if they'll continue sticking to it after the deadline, then they'll be exposed to all kinds of security threats, as Microsoft will no longer provide the security patches thereafter. Many countries' Banks have got a way out, many banks have arranged or are in the process of arranging extended support for Windows XP for which they are ready to pay Microsoft millions of dollars, but may be not in the case of India. Yes, India will never feed Microsoft for providing extra support to the older version; rather they could switch over to the Linux operating system. India has around 115,000 ATMs across the country at present and the counts will go up in coming days, but the end of life for XP will not affect banks and functioning of ATMs as the financial institutions across the country are we

Despite so many warnings from Microsoft and Cyber Security Experts, Windows XP is still being used by a number of Government organizations, Financial institutions as well as big Corporations all around the world. If we look at the statistics then almost 30% of computers you will find that still run Windows XP , including banks, airline companies, and other huge enterprises, the count in real is likely to be even higher than the estimated. But If you stick with Windows XP after April 8 2014 , you might be at a great risk as XP will take its last breath officially on that day and will die! This fact poses danger to its users as they will be exposed to all kinds of threats. Almost thirteen years after it was 'first released' i.e. April 8 when the Redmond, Washington-headquartered Corporation will stop support for its longest running and most successful OS, Windows XP. Continue using Windows XP after April 8, it will serve you as a Dead Zombie, because Microsoft w

Cyber Criminals will not let any way out without making Money. Another huge Credit Card theft and this time they targeted Gas Stations. 13 men were suspected and charged for stealing banking information, using Bluetooth enabled Credit Card Skimmers planted on the gas stations throughout the Southern United States. They made more than $2 Million by downloading the ATM information, as well as PIN numbers from the gas pumps and then used the data to draw cash from the ATMs in Manhattan. Manhattan District Attorney Cyrus R. Vance explained the operation that the skimming devices were internally installed so was undetectable to the people who paid at the pumps and the devices were Bluetooth enabled, so it did not need any physical access in order to obtain the stolen personal identifying information. " By using skimming devices planted inside gas station pumps, these defendants are accused of fueling the fastest growing crime in the country. Cybercriminals and ident

Hacking ATM Machines is nothing new, but it seems that instead of relying on ATM skimmers now some smart hackers in Europe are reportedly targeting ATM Machines using Malware -loaded USB drives to steal money. Most of the world's ATMs are running on Windows XP operating system, which is highly vulnerable to Malware attacks. Just like your Desktop Laptops, some ATMs also have USB sockets, which is hidden behind the ATM's fascia. The German security researchers who discovered the hack detailed their findings at the Chaos Computing Congress in Hamburg, Germany recently. They said that the thieves cut holes in the fascia to access a USB port and then uploaded malware to the machines. The malware creates a backdoor that can be accessed on the front panel. " These researchers explained that the malware allowed the thieves to create a unique interface on the ATMs by typing in a 12-digit code. This interface allowed for withdrawal and also showed the criminals the amount of money and e

If you have shopped something during the Black Friday weekend from Target's U.S based Retailer stores, then please pay serious attention - Your Credit and Debit card account may have been at Risk. There are more than 1,500 Target stores throughout the U.S and 40 Million credit and debit card accounts of Target's customers may have been stolen during the height of the holiday shopping season, according to a statement  published by the company. Somehow thieves allegedly gained access to personal data in stores when customers swiped their cards at the register. That information is then typically sold to buyers who then make bogus debit or credit cards with it. So the customers who made purchases by swiping their cards at terminals in its U.S. Stores between November 27 and December 15 may have been exposed.  Krebs who broke the story reports that the breach does not impact shoppers who purchased items online. Target has not disclosed exactly how the data breach occurr

A Romanian man serving a five-year jail sentence in Romania for his involvement in an ATM skimming scheme, has developed a device designed to protect ATMs from such attacks. 33-year-old Valentin Boanta who is being detained in a prison from Vaslui, Romania, after he was convicted on charges of bank card fraud in 2009, developed what he calls the SRS (Secure Revolving System) which changes the way ATM machines read bank cards to prevent the operation of skimming devices that criminals hide inside ATMs. " When I got caught I became happy. This liberation opened the way to working for the good side ," Boanta said. " Crime was like a drug for me. After I was caught, I was happy I escaped from this adrenaline addiction ," Boanta said. Boanta began working on SRS during his trial. SRS, Boanta says, can be installed into any ATM. ATM skimmers work by installing a second, concealed card reader over the one that's built into the ATM. When an unsuspecting bank customer