Russian scammers infect Diebold ATMs
Thursday, March 19, 2009
Cybercriminals have figured out how to infect Windows-based Diebold ATMs with malware capable of skimming credit card numbers and passwords, security experts said.
The malware has only affected Russian, Ukranian and American currency transactions within Russia, Diebold has confirmed. Security experts said the malware uses insider access rather than an external device.
The cybercriminal would have to return to the hacked ATM to swipe a special card that instructs the machine to issue a receipt containing the stolen information.
Security experts said the cybercriminals figured out how to access the Diebold DLL (dynamic-linked library) and that the malware had to issue the right code to pull protected information.
Diebold disclosed that it issued a security update in January for its ATMs running a Windows-based operating system.
The company said in a letter to its customers that machines in Russia had been infected but did not provide specifics on the attacks.
Security experts said the nature of the attacks make it unlikely the ATM scam will spread far. The ATM skimmer’s exposure in recovering the data when coming back to get the device makes it too risky.
Related News:
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
Report: 'At least 34' firms attacked at the same time as Google - 1.15.2010
The Washington Post asserts that many U.S. companies were targeted in the same network security and email breach that affected Google and provoked the company's highly publicized spat with the Chinese government.
|
