'Cash machines raided with infected USB sticks' diff viewer (1/2)

This article is from the source 'bbc' and was first published or seen on December 30, 2013 13:54 (UTC). It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.bbc.co.uk/news/technology-25550512

The article has changed 3 times. There is an RSS feed of changes available.

Previous version 1 2 Next version

Previous version 1 2 Next version

Version 1	Version 2
Cash machines raided with infected USB sticks	Cash machines raided with infected USB sticks
2013-12-31 03:15:34 UTC	2014-01-02 20:05:09 UTC (3 days later)
Researchers have revealed how cyber-thieves sliced into cash machines in order to infect them with malware earlier this year.	Researchers have revealed how cyber-thieves sliced into cash machines in order to infect them with malware earlier this year.
The criminals cut the holes in order to plug in USB drives that installed their code onto the ATMs.	The criminals cut the holes in order to plug in USB drives that installed their code onto the ATMs.
~~Details of the attacks on an unnamed European bank's cash dispensers were presented at the hacker-themed Chaos ~~Computing~~ Congress in ~~Hamburg,~~ ~~Germany.~~~~	Details of the attacks on an unnamed European bank's cash dispensers were presented at the hacker-themed Chaos Communication Congress in Hamburg.
The crimes also appear to indicate the thieves mistrusted each other.	The crimes also appear to indicate the thieves mistrusted each other.
The two researchers who detailed the attacks have asked for their names not to be published	The two researchers who detailed the attacks have asked for their names not to be published
Access code	Access code
The thefts came to light in July after the lender involved noticed several its ATMs were being emptied despite their use of safes to protect the cash inside.	The thefts came to light in July after the lender involved noticed several its ATMs were being emptied despite their use of safes to protect the cash inside.
After surveillance was increased, the bank discovered the criminals were vandalising the machines to use the infected USB sticks.	After surveillance was increased, the bank discovered the criminals were vandalising the machines to use the infected USB sticks.
Once the malware had been transferred they patched the holes up. This allowed the same machines to be targeted several times without the hack being discovered.	Once the malware had been transferred they patched the holes up. This allowed the same machines to be targeted several times without the hack being discovered.
To activate the code at the time of their choosing the thieves typed in a 12-digit code that launched a special interface.	To activate the code at the time of their choosing the thieves typed in a 12-digit code that launched a special interface.
Analysis of software installed onto four of the affected machines demonstrated that it displayed the amount of money available in each denomination of note and presented a series of menu options on the ATM's screen to release each kind.	Analysis of software installed onto four of the affected machines demonstrated that it displayed the amount of money available in each denomination of note and presented a series of menu options on the ATM's screen to release each kind.
The researchers said this allowed the attackers to focus on the highest value banknotes in order to minimise the amount of time they were exposed.	The researchers said this allowed the attackers to focus on the highest value banknotes in order to minimise the amount of time they were exposed.
But the crimes' masterminds appeared to be concerned that some of their gang might take the drives and go solo.	But the crimes' masterminds appeared to be concerned that some of their gang might take the drives and go solo.
To counter this risk the software required the thief to enter a second code in response to numbers shown on the ATM's screen before they could release the money.	To counter this risk the software required the thief to enter a second code in response to numbers shown on the ATM's screen before they could release the money.
The correct response varied each time and the thief could only obtain the right code by phoning another gang member and telling them the numbers displayed.	The correct response varied each time and the thief could only obtain the right code by phoning another gang member and telling them the numbers displayed.
If they did nothing the machine would return to its normal state after three minutes.	If they did nothing the machine would return to its normal state after three minutes.
The researchers added the organisers displayed "profound knowledge of the target ATMs" and had gone to great lengths to make their malware code hard to analyse.	The researchers added the organisers displayed "profound knowledge of the target ATMs" and had gone to great lengths to make their malware code hard to analyse.
However, they added that the approach did not extend to the software's filenames - the key one was called hack.bat.	However, they added that the approach did not extend to the software's filenames - the key one was called hack.bat.