#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

ATM hacking | Breaking Cybersecurity News | The Hacker News

Report: German Bank ATMs vulnerable to Hackers

Report: German Bank ATMs vulnerable to Hackers

Nov 02, 2015
Avoiding Credit Card Fraud is simply easy as long as you use cash. But, what if you even get hacked while withdrawing cash from an ATM? If you are living in Germany or traveling there, then think twice before using your payment cards in the ATMs. Here's why: A Security researcher in Germany has managed to hack ATM and self-service terminal from Sparkasse Bank that allowed him to reveal the sensitive details from the payment card inserted into the machine. Benjamin Kunz-Mejri , CEO of Germany-based security firm Vulnerability Lab , discovered a vulnerability while using a Sparkasse terminal that suddenly ejected his card, and changed status to " temporarily not available. " Meanwhile, the machine automatically started performing software update process in the background. However, Benjamin used a special keyboard combination to trick the ATM into another mode. Benjamin's trick forced ATM system to put update process console (cmd) in the foreground
Hacker Who Stole Money From Bill Gates Arrested in Philippines

Hacker Who Stole Money From Bill Gates Arrested in Philippines

Apr 13, 2015
What if you get into the bank account of the World's most richest person? Maybe it could be difficult for you as well as I. But not for this guy… ... Konstantin Simeonov Kavrakov , a Bulgarian hacker, who hacked into the ATM and stole thousands of dollars from the bank account of Microsoft mogul Bill Gates with fake ATM cards arrested in Philippines, according to the Philippine National Police. The 31-year-old man was arrested red-handed by the Philippine National Police while he was withdrawing cash from an ATM using fake cards. He had stolen tens of thousands of dollars from many victims by hacking into the automated teller machines (ATMs). In 2011, Kavrakov got arrested and was jailed in Paraguay for hacking into the Bill Gates' account in The Philippines' densely-populated Quezon City and stealing thousands of dollars. Since then Kavrakov was on the hit list of many countries police. During the arrest, the police recovered seven cloned credit card
Tyupkin Malware Hacking ATM Machines Worldwide

Tyupkin Malware Hacking ATM Machines Worldwide

Oct 08, 2014
Money is always a perfect motivation for cyber criminals who tries different tricks to solely target users with card skimmers that steal debit card numbers, but now the criminals are using specialized malware that targets ATM (Automated Teller Machine) systems to withdraw cash even without the need of a card. The new backdoor program, dubbed as " Tyupkin ," requires physical access to the ATM system running 32-bit Windows platforms and booting it off of a CD in order to install the malware. According to the researchers, the threat has continued to evolve in recent months, infecting ATMs in Asia, Europe, and Latin America. There are no details relating to the criminal gang behind the attacks, but they have already stolen "millions of dollars" from ATMs worldwide using the sophisticated malware, security firms Kaspersky and Interpol, who are working together in an attempt to foil the criminal gang, said in a joint statement released on Tuesday. " Over t
cyber security

Instantly See How Much Time You Can Save by Automating Compliance

websiteVantaAutomate Compliance
Get an instant calculation of how much time you could save by automating compliance with Vanta.
Unpacking 2024's SaaS Threat Predictions

Unpacking 2024's SaaS Threat Predictions

Jun 05, 2024SaaS Security / Artificial Intelligence
Early in 2024, Wing Security released its State of SaaS Security report , offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from the report have already proven accurate. Fortunately, SaaS Security Posture Management (SSPM) solutions have prioritized mitigation capabilities to address many of these issues, ensuring security teams have the necessary tools to face these challenges head-on. In this article, we will revisit our predictions from earlier in the year, showcase real-world examples of these threats in action, and offer practical tips and best practices to help you prevent such incidents in the future. It's also worth noting the overall trend of an increasing frequency of breaches in today's dynamic SaaS landscape, leading organizations to demand timely threat alerts as a vital capability. Industry regulations with upcoming compliance deadlines are demanding similar time-sens
Ninth Grade Students Hack into ATM Machine during School Lunch Break

Ninth Grade Students Hack into ATM Machine during School Lunch Break

Jun 12, 2014
When I was in school, I used to play outdoor games like basketball and badminton. When I was in college, I started taking more interest in playing computer games rather going out. But nowadays, children have completely changed their hobbies to programming, hacking, bug bounties in such a ways that just in half an hour of lunch break between classes they hacked ATM machine . A pair of ninth grade students, Caleb Turon and Matthew Hewlett , both 14 year old broke into a Bank of Montreal ATM during their lunch hours between classes by following an old ATM operators manual found online. The duo used the online manual to access the operator mode of the ATM machine in Winnipeg. They didn't use the accessed data to steal any amount from the ATM, rather they simply broke into the ATM machine and printed off information including users' transaction data, surcharge profits and the total cash held in the unit. HOW THEY HACKED INTO ATM MACHINE? Turon and Hewlett were not expectin
Fraudsters Physically Deploy Malicious Software to Hack ATMs

Fraudsters Physically Deploy Malicious Software to Hack ATMs

May 31, 2014
Criminals will not let any way to cheat an ATM machine out of its cash, as it's one of the easiest way for them to get the hands on cash. ATM skimmers have now discovered a new and high-tech approach to target cash machines directly by inserting a physical notorious device into it instead. According to the Chinese press , two Ukrainian men arrested in Macau for reportedly planting the malicious software program in the seven Macau bank ATMs. This could came out as the quickest method to hack the cash machines. HACKING ATM MACHINES The two accused were arrested this week by the authorities in Macau, a Chinese territory approximately west of Hong Kong, but the two are from Ukraine and had successfully stolen almost $100,000 by corrupting more than seven ATMs with a computer virus. According to the authorities, the men allegedly used a green object device ( as shown in the image ) to carry out the money fraud. They first connected the device to a laptop and then inserted
Pre-Play Vulnerability Allows Chip-and-PIN Payment Card Cloning

Pre-Play Vulnerability Allows Chip-and-PIN Payment Card Cloning

May 20, 2014
In March this year, we reported that the major card distributor companies, VISA and Mastercard are migrating to EMV chip cards , also known as PIN-and-Chip cards. Unlike traditional magnetic stripe payment cards, EMV chip cards generates a unique code for every transaction, making it nearly* impossible for criminals to use the card for counterfeit fraud. But Nothing is perfectly secure, even not the PIN-and-Chip based payment cards. All anti-cloning theories were already proven wrong, when a group of researchers found a way to hack the Credit and Debit cards based on the latest Chip-and-Pin technology. Back in 2012, we reported about a research paper entitled " Chip and Skim: cloning EMV cards with the pre-play attack " published ( old paper ) by team of researchers from the University of Cambridge, UK, who demonstrated that Chip and PIN payment card systems are also vulnerable to Card Cloning. The same team of researchers presented their EVM related research last Mond
CASH! CASH! Hacking ATM Machines with Just a Text Message

CASH! CASH! Hacking ATM Machines with Just a Text Message

Mar 25, 2014
As we reported earlier, Microsoft will stop supporting the Windows XP operating system after 8th April, apparently 95% of the world's 3 million ATM machines are run on it.  Microsoft's decision to withdraw support for Windows XP  poses critical security threat to the economic infrastructure worldwide. MORE REASONS TO UPGRADE Security researchers at Antivirus firm Symantec claimed that hackers can exploit a weakness in Windows XP based ATMs, that allow them to withdraw cash simply by sending an SMS to compromised ATMs. " What was interesting about this variant of  Ploutus  was that it allowed  cybercriminals  to simply send an SMS to the compromised ATM, then walk up and collect the dispensed cash. It may seem incredible, but this technique is being used in a number of places across the world at this time. " researchers said. HARDWIRED Malware for ATMs According to researchers - In 2013, they detected a malware named Backdoor . Ploutus,  installed on ATMs in Mexico, wh
Indian Banks may switch to Linux, rather than taking extended Windows XP Support

Indian Banks may switch to Linux, rather than taking extended Windows XP Support

Mar 22, 2014
As we have reported you earlier that Microsoft is pulling out their Windows XP support after April 8 2014. Since a vast majority of bank ATMs around the world currently runs on Windows XP, but if they'll continue sticking to it after the deadline, then they'll be exposed to all kinds of security threats, as Microsoft will no longer provide the security patches thereafter. Many countries' Banks have got a way out, many banks have arranged or are in the process of arranging extended support for Windows XP for which they are ready to pay Microsoft millions of dollars, but may be not in the case of India. Yes, India will never feed Microsoft for providing extra support to the older version; rather they could switch over to the Linux operating system. India has around 115,000 ATMs across the country at present and the counts will go up in coming days, but the end of life for XP will not affect banks and functioning of ATMs as the financial institutions across the country are we
Banks to Pay Microsoft Millions of Dollars for extended Windows XP Support

Banks to Pay Microsoft Millions of Dollars for extended Windows XP Support

Mar 18, 2014
Despite so many warnings from Microsoft and Cyber Security Experts, Windows XP is still being used by a number of Government organizations, Financial institutions as well as big Corporations all around the world. If we look at the statistics then almost 30% of computers you will find that still run Windows XP , including banks, airline companies, and other huge enterprises, the count in real is likely to be even higher than the estimated. But If you stick with Windows XP after April 8 2014 , you might be at a great risk as XP will take its last breath officially on that day and will die! This fact poses danger to its users as they will be exposed to all kinds of threats. Almost thirteen years after it was 'first released' i.e. April 8 when the Redmond, Washington-headquartered Corporation will stop support for its longest running and most successful OS, Windows XP. Continue using Windows XP after April 8, it will serve you as a Dead Zombie, because Microsoft w
Bluetooth enabled Credit Card Skimmers planted at Gas Station lead to $2 Million heist

Bluetooth enabled Credit Card Skimmers planted at Gas Station lead to $2 Million heist

Jan 22, 2014
Cyber Criminals will not let any way out without making Money. Another huge Credit Card theft and this time they targeted Gas Stations. 13 men were suspected and charged for stealing banking information, using Bluetooth enabled Credit Card Skimmers planted on the gas stations throughout the Southern United States. They made more than $2 Million by downloading the ATM information, as well as PIN numbers from the gas pumps and then used the data to draw cash from the ATMs in Manhattan. Manhattan District Attorney Cyrus R. Vance explained the operation that the skimming devices were internally installed so was undetectable to the people who paid at the pumps and the devices were Bluetooth enabled, so it did not need any physical access in order to obtain the stolen personal identifying information. " By using skimming devices planted inside gas station pumps, these defendants are accused of fueling the fastest growing crime in the country. Cybercriminals and ident
Hackers stole money from European ATMs using Malware-loaded USB Device

Hackers stole money from European ATMs using Malware-loaded USB Device

Jan 02, 2014
Hacking ATM Machines is nothing new, but it seems that instead of relying on ATM skimmers now some smart hackers in Europe are reportedly targeting ATM Machines using Malware -loaded USB drives to steal money. Most of the world's ATMs are running on Windows XP operating system, which is highly vulnerable to Malware attacks. Just like your Desktop Laptops, some ATMs also have USB sockets, which is hidden behind the ATM's fascia. The German security researchers who discovered the hack detailed their findings at the Chaos Computing Congress in Hamburg, Germany recently. They said that the thieves cut holes in the fascia to access a USB port and then uploaded malware to the machines. The malware creates a backdoor that can be accessed on the front panel. " These researchers explained that the malware allowed the thieves to create a unique interface on the ATMs by typing in a 12-digit code. This interface allowed for withdrawal and also showed the criminals the amount of money and e
40 Million Credit Card accounts affected in massive data breach at 'Target' Stores during Black Friday

40 Million Credit Card accounts affected in massive data breach at 'Target' Stores during Black Friday

Dec 19, 2013
If you have shopped something during the Black Friday weekend from Target's U.S based Retailer stores, then please pay serious attention - Your Credit and Debit card account may have been at Risk. There are more than 1,500 Target stores throughout the U.S and 40 Million credit and debit card accounts of Target's customers may have been stolen during the height of the holiday shopping season, according to a statement  published by the company. Somehow thieves allegedly gained access to personal data in stores when customers swiped their cards at the register. That information is then typically sold to buyers who then make bogus debit or credit cards with it. So the customers who made purchases by swiping their cards at terminals in its U.S. Stores between November 27 and December 15 may have been exposed.  Krebs who broke the story reports that the breach does not impact shoppers who purchased items online. Target has not disclosed exactly how the data breach occurr
Hacker jailed for ATM skimming invented ATM security scheme

Hacker jailed for ATM skimming invented ATM security scheme

May 19, 2013
A Romanian man serving a five-year jail sentence in Romania for his involvement in an ATM skimming scheme, has developed a device designed to protect ATMs from such attacks. 33-year-old Valentin Boanta who is being detained in a prison from Vaslui, Romania, after he was convicted on charges of bank card fraud in 2009, developed what he calls the SRS (Secure Revolving System) which changes the way ATM machines read bank cards to prevent the operation of skimming devices that criminals hide inside ATMs. " When I got caught I became happy. This liberation opened the way to working for the good side ," Boanta said. " Crime was like a drug for me. After I was caught, I was happy I escaped from this adrenaline addiction ," Boanta said. Boanta began working on SRS during his trial. SRS, Boanta says, can be installed into any ATM. ATM skimmers work by installing a second, concealed card reader over the one that's built into the ATM. When an unsuspecting bank customer
Expert Insights
Cybersecurity Resources