Re: [Dailydave] http://home.hamptonroads.com/stories/story.cfm?story=110889&ran=223062

["Nathan Landon" <nathan.landon () digitaloperatives com>]

Oh,   and they also reported that he used a  PrePaid Debit Card so they
couldn't track who it belonged to.

This was on Fox News in Virginia.   (trustworthy source?)

Nate


On 9/15/06, Nathan Landon <nathan.landon () digitaloperatives com> wrote:
>  They showed it on the news here in Virginia.   They have security camera
> footage of the guy who they believe is the perpetrator trying to pull out
> $250 and getting $1000.   He did this twice apparently.   He doesn't look
> like the "engineer" type.   They reported that he was able to turn on the
> glitch through a series of entered numbers.    Doubtful he knew what he was
> doing otherwise he could have turned it off between attempts.
>
> It took 9 days apparently to catch the error when a good samaritan noticed
> that they got more than they asked for and reported it.
>
> It smells to me that it was either an inside job or a disgruntled
> employee.
>
> Nate
>
> --
>
> Nathan Landon
> President Digital Operatives
> www.digitaloperatives.com
>
>
>
>  On 9/15/06, Dave Korn <dave.korn () artimi com > wrote:
> >
> > On 15 September 2006 12:43, Halvar Flake wrote:
> >
> > > Somebody tell me that the stuff in the subject is
> > > a joke.
> > >
> > > Cheers,
> > > Halvar
> >
> >
> > Hmmf.  It comes across as dubious at first sight, but if the guy did get
> > some kind of engineer's access to the ATM, he could perhaps mis-program
> > it as
> > to which kind of bills were loaded into which columns/containers in the
> > cash
> > bay.  (Correct me if I'm wrong, but aren't all dollar bills the same
> > size?
> > This approach could not work in the UK where different denominations are
> > of
> > different sizes and need to be loaded into differently-sized cassettes
> > which
> > then automatically cue the machine as to the nature of the notes loaded
> > into
> > them).
> >
> > It also sounds like a garbled reference to 2FA - the swipe card would be
> > a
> > special engineer's identifier, and the "series of numbers" that he
> > entered
> > would not have been "breaking the code", but merely misusing a
> > legitimate
> > authority.
> >
> > I guess we need to see a more technical report before we can reach
> > conclusions, but that's my attempt to read between the lines: it's not a
> > joke,
> > it's just what happens when a non-technical reporter attempts to cover a
> > hi-tech crime story.
> >
> >
> >    cheers,
> >      DaveK
> > --
> > Can't think of a witty .sigline today....
> >
> > _______________________________________________
> > Dailydave mailing list
> > Dailydave () lists immunitysec com
> > http://lists.immunitysec.com/mailman/listinfo/dailydave
> >



--
Nathan Landon
President
Digital Operatives
www.digitaloperatives.com
Phone: 808-221-9172



Need a first-class ISP for your business?
Digital Operatives is a Speakeasy Partner.
Call me directly to find out about low prices on Business Class Services
including T-1, ADSL, and VOIP.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave