Threat Management, Vulnerability Management

ATM hackers drilling for money

Cybercriminals in Russia and Europe have found a weak spot in some ATM machines that allow them to access a vital bus giving them complete control of the unit's cash dispensing system.

Kaspersky Labs uncovered the hack when an unnamed bank asked the company to investigate what the bank robbers did to one of its ATMs, wrote Kaspersky researcher John Snow. Unlike more sophisticated attacks that use remote code execution to empty an ATM, these guys used the direct approach where they drilled a 1.5-inch hole near the keypad.

The hole is directly above a 10-pin header that connects to a bus that can control all the ATM's components, including the part that spits out money.

Snow said the Kaspersky team built a small circuit board, costing $15, to control the ATM and used it to make the machine empty its coffers. He added, that a laptop could be configured to handle the job.

Related

Record low ransomware payment prevalence observed

Only 28% of ransomware attack-hit organizations have fulfilled their attackers' extortion demands during the first three months of 2024, which is the lowest on record, potentially due to increased protective measures and mounting legal concerns stemming from paying such demands, BleepingComputer reports.

New tool used in China-linked attacks against Asia-Pacific

Intrusions with the Waterbear backdoor and its updated variant dubbed "Deuterbear" have been deployed by China-linked threat operation BlackTech — also known as Earth Hundun, Manga Taurus, Circuit Panda, Temp.Overboard, Palmerwom, Red Djinn, and HUAPI — against government, research, and technology organizations across the Asia-Pacific, reports The Hacker News.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.