Bank Employee Plants Malware on ATMs 171
Wired's Threat Level has a piece on a Bank of America employee, Rodney Reed Caverly, who has been charged with installing malware on ATMs in North Carolina. Caverly, who worked on the bank's IT staff, allegedly withdrew cash untraceably from the ATMs over a period of 7 months last year. "The charges were filed the same day that credit card company Visa warned the banking industry that Eastern European ATM malware recently showed up in America for the first time. That code, initially spotted last year on some 20 ATMs in Russia and Ukraine, was designed primarily to capture PINs and bank card magstripe data, but also allowed thieves to instruct the machine to eject whatever cash was still in it... At least 16 versions of the East European malware have been found so far and were designed to attack ATMs made by Diebold and NCR, according to the April 1 Visa alert. There is no information tying the malware found in Russia with the malware allegedly used by Caverly."
Poor Diebold ATM programming (Score:5, Interesting)
To put a long story short, those things are not well-programmed.
Re:hmm... (Score:5, Interesting)
who has been charged with installing malware on ATMs in North Carolina. Caverly, who worked on the bank's IT staff, allegedly withdrew cash untraceably from the ATMs over a period of 7 months last year.
Wait - so if they caught the guy, how the hell is that untraceable?
Just because you don't follow the money doesn't mean you aren't tracing.
Re:Great (Score:4, Interesting)
Although I hear diebold does better with ATM's, I can't help but wonder how much effort they put into ATM security versus the voting machine fiasco.
Meanwhile, ATM's have always been pretty shoddy on security. It's a given. People essentially have physical access to the device.
I wonder if it would be better to have ATM's running a virtual or other remote hosted ATM client so that nothing is hosted on the ATM directly? Or is this already being done in some places?
Question.... (Score:5, Interesting)
Will not use BoA atms! (Score:4, Interesting)
And I suggest you do not use them either. They just operate and behave wrongly, even when they don't have malware installed.
They're slow. -- ATM's in the 80's were faster.
They're obviously running window XP. -- The standard windows sounds are used.
Re:Poor Diebold ATM programming (Score:1, Interesting)
Yes, the Diebold atms software does suck, and the software looks like ancient (probably 16 bit) software written by monkeys running on top of windows XP. If it runs long enough, you have to go in and allow more swap space (for some reason windows management of the swap don't work well for their software) and reboot, or simply reboot if you forgot to do the required weekly reboot. This spells a serious memory leak to me.
I have on occasion looked at the monitor and keyboard inside the bank when it would crash with out of memory resources condition (they use a keyboard/monitor extender that works over regular cat 5 to get those into the building, which I think in itself is a security issue...yea the atm is locked, but with the correct extender box, you could tap into the cat 5 that is right in the open and control the atms keyboard and mouse).
Re:WinXP (Score:1, Interesting)
A couple of years back, I saw an engineer fixing one of the mini-ATMs you get in bars and rest stops, and it booted in to IBM OS/2 Warp - bet eastern European hackers would have trouble cracking that one.
Re:WinXP (Score:4, Interesting)
Re:UNfortunately (Score:1, Interesting)
And Communism in Russia failed because it wasn't true Communism. Please give true Communism a chance.
Article mentions ATM fraud in Ukraine and Russia (Score:3, Interesting)