Sydney ATMs Hacked, Scammed by Romanian Thieves

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://au.ibtimes.com/articles/499369/20130816/sydney-atms-hacked-scammed-romanian-thieves-atm.htm#.Ug4C0_G9y2A

Sydney ATMs from two major banks across Sydney, had been found
compromised due to scamming activities by Romanian thieves employing
"virtually undetectable" technology.

The Romanian gang had already targeted 15 ATMs across Sydney obtaining
approximately $100,000 stolen cash according to reports from police.
Those ATMs reportedly compromised were located in the southern suburbs
and northern beaches but police refused to name the banks.

There had also been few ATMs affected in Sydney's west and CBD. Police
warned all ATM account users to check with their card for any
malicious transactions. Police said that the Romanian thieves will
possibly move from one capital city of Australia to another.

In a report from Financial Review, detective superintendent Col Dyson
said that the Romanian thieves were using highly advanced skimming
device to steal cash from ATM holders.

A skimming device used by the thieves can be installed in the ATM just
within seconds. However, Mr Dyson said that without the users' pin, it
will be impossible for the Romanian thieves to carry out their crimes.
Hence, Mr Dyson advised everyone to cover with one hand the other hand
that is typing their pin.

"These devices are very sophisticated when compared with those from
the past ... It's virtually undetectable. They may still gain the data
but that is virtually useless to them without the pin," Mr Dyson said.

In an interview with ItNews, Mr Dyson detailed that the Romanian gang
target those ATMs with highly technological skimming device and those
installed with video camera. He said that the gang were using 3D
printers and CAD technology.

"These devices are actually manufactured for specific models of ATMs
so they fit better and can't be detected as easily. Parts of the
devices are internally fitted, either by the offenders moving part of
the slot and replacing it with their own, and pushing circuitry into
the machines. [Another model] is so small it's entirely self-contained
and entirely pushed in, with some force, into the card slot. They're
getting smaller and smaller with time. They're trained down at the
keypad where the pin is entered," Mr Dyson explained.

According to Mr. Dyson, skimmers like the Romanian gang, usually
attack ATMs during busy hours. They situate themselves 100m from the
ATM in order to access all their needed data. Those data retrieved
will then be copied to fake and blank ATM cards which then allows them
to withdraw money from unsuspecting ATM users.

Mr. Dyson also explained that the scheme used by the Romanian thieves
to access Sydney ATMs were never before been detected in Sydney.

 "Previous devices have always had wires hanging off them. One of the
ones used now does have wires hanging off it, that's because of the
design of the ATM. But the smallest one is quite impressive in that it
is contained within a resin block and sealed," Mr. Dyson said.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.