"SKULDUGGERY," says Andrew Henwood, "is a very good word to describe what this extremely advanced, cleverly written malware gets up to. We've never seen anything like it." What he has discovered is a devious piece of criminal coding that has been quietly at work in a clutch of cash machines at banks in Russia and Ukraine. It allows a gang member to walk up to an ATM, insert a "trigger" card, and use the machine's receipt printer to produce a list of all the debit card numbers used that day, including their start and expiry dates - and their PINs. Everything needed, in fact, to clone those cards and start emptying bank accounts. In some cases, the malicious software even allows the criminal to eject the machine's banknote storage cassette into the street.
The software is the latest move in a security arms race after banks and consumers got wise to the fitting of fake fascias onto ATMs. These fascias have been criminals' main way of using ATMs to get the details they need to clone cards. They contain a camera to spy on PINs being entered on the keypad, and a card reader to skim data from the card's magnetic stripe. It's big business: across Europe, losses due to such fraud grew by 11 per cent to €484 million in 2008, according to the European ATM Security Team (EAST), funded by the European Union and based in Edinburgh, UK
Banks responded by investing in anti-skimming technology - which can detect a fake fascia overlay and disable the ATM. So crooks are developing new tricks, which are being uncovered by Henwood and his colleagues at SpiderLabs, a computer forensics research centre in London.
Posts
No comments:
Post a Comment