This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.bbc.co.uk/news/technology-25550512
The article has changed 3 times. There is an RSS feed of changes available.
Version 1 | Version 2 |
---|---|
Cash machines raided with infected USB sticks | Cash machines raided with infected USB sticks |
(3 days later) | |
Researchers have revealed how cyber-thieves sliced into cash machines in order to infect them with malware earlier this year. | Researchers have revealed how cyber-thieves sliced into cash machines in order to infect them with malware earlier this year. |
The criminals cut the holes in order to plug in USB drives that installed their code onto the ATMs. | The criminals cut the holes in order to plug in USB drives that installed their code onto the ATMs. |
Details of the attacks on an unnamed European bank's cash dispensers were presented at the hacker-themed Chaos Communication Congress in Hamburg. | |
The crimes also appear to indicate the thieves mistrusted each other. | The crimes also appear to indicate the thieves mistrusted each other. |
The two researchers who detailed the attacks have asked for their names not to be published | The two researchers who detailed the attacks have asked for their names not to be published |
Access code | Access code |
The thefts came to light in July after the lender involved noticed several its ATMs were being emptied despite their use of safes to protect the cash inside. | The thefts came to light in July after the lender involved noticed several its ATMs were being emptied despite their use of safes to protect the cash inside. |
After surveillance was increased, the bank discovered the criminals were vandalising the machines to use the infected USB sticks. | After surveillance was increased, the bank discovered the criminals were vandalising the machines to use the infected USB sticks. |
Once the malware had been transferred they patched the holes up. This allowed the same machines to be targeted several times without the hack being discovered. | Once the malware had been transferred they patched the holes up. This allowed the same machines to be targeted several times without the hack being discovered. |
To activate the code at the time of their choosing the thieves typed in a 12-digit code that launched a special interface. | To activate the code at the time of their choosing the thieves typed in a 12-digit code that launched a special interface. |
Analysis of software installed onto four of the affected machines demonstrated that it displayed the amount of money available in each denomination of note and presented a series of menu options on the ATM's screen to release each kind. | Analysis of software installed onto four of the affected machines demonstrated that it displayed the amount of money available in each denomination of note and presented a series of menu options on the ATM's screen to release each kind. |
The researchers said this allowed the attackers to focus on the highest value banknotes in order to minimise the amount of time they were exposed. | The researchers said this allowed the attackers to focus on the highest value banknotes in order to minimise the amount of time they were exposed. |
But the crimes' masterminds appeared to be concerned that some of their gang might take the drives and go solo. | But the crimes' masterminds appeared to be concerned that some of their gang might take the drives and go solo. |
To counter this risk the software required the thief to enter a second code in response to numbers shown on the ATM's screen before they could release the money. | To counter this risk the software required the thief to enter a second code in response to numbers shown on the ATM's screen before they could release the money. |
The correct response varied each time and the thief could only obtain the right code by phoning another gang member and telling them the numbers displayed. | The correct response varied each time and the thief could only obtain the right code by phoning another gang member and telling them the numbers displayed. |
If they did nothing the machine would return to its normal state after three minutes. | If they did nothing the machine would return to its normal state after three minutes. |
The researchers added the organisers displayed "profound knowledge of the target ATMs" and had gone to great lengths to make their malware code hard to analyse. | The researchers added the organisers displayed "profound knowledge of the target ATMs" and had gone to great lengths to make their malware code hard to analyse. |
However, they added that the approach did not extend to the software's filenames - the key one was called hack.bat. | However, they added that the approach did not extend to the software's filenames - the key one was called hack.bat. |