Â
The U.S. machine manufacturer Diebold does not have an easy time. First, the company
because of its voting machines in the criticism, now turn out even its ATMs as vulnerable. The computer security firm Sophos says its experts have been on Diebold machines in Russia, the Trojan Troj / Skim-A were identified. According to Sophos, the malware into the computer ATMs have been introduced to the PINs and bank card numbers of customers' behavior.
DPA
Money from the vending machine: In Russia, such machines have been tampered with by criminals
If the message as correct turn, this would be probably the first serious case in which criminals to users of ATMs are not from outside but from inside, so to speak Abzocke. So far, namely, limited experiments, the data of cash and credit card users to comment, usually to provide additional hardware to install the devices. So are many documented cases in which tiny cameras attached to the machine, which manipulated keypads and additional card readers before the actual input slot in order to map data of the customers to come.
In the current case, the thieves have their own software, a Trojan is to install the ATM, writes Vanja Svájc, senior virus researcher at Sophos, in
SophosLabs blog. The specialist gave himself such attacks so far impossible. As arguments, it is that ATMs
mostly use proprietary operating systems.
even if they use Windows, usually a custom embedded version of Windows is used.
de machines used in the hardware and software is not publicly documented, so it would be very difficult to access a software to find.
ATMs usually only to closed internal networks are connected to the outside no access is possible.
Any attempt to introduce such a device to open and manipulate built sensors would be detected.
The fact that there now appears to have succeeded yet, a Trojan on such devices einzuschleusen concludes Svájc that the attacker access to the machines must have had. Moreover, he made the way the malicious software to manipulate and vending machines are not documented exploits software routines that programmers involved deep knowledge of the Diebold software must have.
As is clear from two documents indicating that Robert McMillan of the
CSO Security website online has its Diebold customers informed about the incident. Moreover, according to the company already suspects have been arrested.
Even German ATM manufacturer would use under Microsoft Windows and are therefore potentially vulnerable to malware infections and manipulations, it is said by Sophos. These attacks on ATM machines were intended for cyber criminals, however much more complex than attacks on computers, because they, for example, a direct, physical access to the machines require. A massive spread of such attacks Abzocke was therefore initially not to fear, calms the company.
No comments:
Post a Comment