A 'novel and complex' new physical attack involves a mobile phone and a circuit board plugged into the ATM's core.
January 9, 2015
According to the Krebs on Security blog, criminals have begun using a "novel and complex" new method to steal cash from ATMs.
In this so-called "black box" attack, thieves gain physical access to the ATM in order to disconnect the cash dispenser from the core system and then install a controlling device that allows them to instruct the machine to dispense its cash.
This aspect of the crime — gaining control over the dispenser by means of another device — is already well known to legal authorities. But in the latest version of the attack, commands are sent from a remote server to a mobile phone connected to the cash machine.
According to the Krebs report, this indicated that the "boss" of the operation was issuing commands from a remote location and tracking the cash issued, in order to prevent underlings (or "mules") from skimming the proceeds.
In another twist, the crooks connect a circuit board to the core, fooling it into thinking the dispenser is still connected.
This nonessential step is most likely a tactic to delay the discovery that the machine has been tampered with, the report said.