Monday, 21 November 2016

FBI: US ATMs Could Be Hacked to Spew Cash

The FBI is warning that potential ATM attacks, similar to those in Taiwan and Thailand that caused ATMs to dispense millions, could happen in the US.
The FBI said in a recent bulletin that it was “monitoring emerging reports indicating that well-resourced and organized malicious cyber-actors have intentions to target the US financial sector.” Now, the Wall Street Journal has reported that the threat could be linked to malicious software used by the Russian gang known as Buhtrap, known for stealing money thorugh fraudulent wire transfers. Sources said that the group has been testing ATM hacking techniques on Russian banks, and will soon look to try them out on financial institutions in other countries.
The first such attack on an ATM system was reported in the Taiwanese capital Taipei in July, after 22 thieves made off with $2.6 million from ATMs around the country by causing them to spit out cash. Criminals from eastern Europe and Russia are said by police to have used malware to infiltrate cash machines run by First Commercial Bank. Three suspects were eventually arrested in Taipei and north-east Taiwan, with around half the money recovered.
A similar attack was reported at the Government Savings Bank in Thailand the following month. There, the Ripper malware was used in a sophisticated campaign to steal 12 million baht (£265,400) from ATMs in Thailand. Ripper targets three major global ATM manufacturers, and is unusual in that it interacts with the targeted machine via a specially crafted bank card featuring an EMV chip which acts as an authentication method.