Diebold says hackers put Trojan on Russian ATMS
Tue, 2009-03-17 22:17

I read about this one on the Sophos Blog this morning. Sophos's Vanja Svajcer  had heard a rumor that some ATMs in Russia had been hacked with Trojan software installed on them. So he checked submissions from VirusTotal and found that there were indeed 3 samples of Trojan code for Windows making Diebold-specific calls. The oldest one was from November.

I called up Diebold, who told me that in January, they started warning customers that criminals in Russia were breaking into Diebold ATMs and installing card-sniffing software and "devices."  Suspects have been apprehended in the case, Diebold said.

I don't have a lot more details, but here are two letters Diebold sent out to customers. They're pretty interesting.

AttachmentSize
diebold-1.pdf81.68 KB
diebold-2.pdf48.91 KB
Reader Feedback
Thu, 2009-03-19 07:58
this is just one of dozens

this is just one of dozens of examples of skimming. bluetooth POS data interception-soldering chips into POS-intercepting the phone lines the data is travelling on-ATM skimming.....its the big money making crime of east european gangs, let loose after 1989 when former warshaw pact states´secret service specialist lost their jobs and joined organized crime. They made so much money in the last 20 years, they now own banks! Law enforcement slept or was kept @ bay and now its all too late....good night sleep tight

Wed, 2009-03-18 09:55
Link to Sophos blog article

The link to Vanja Svacjer's blog entry on this topic appears to be broken.

It should be http://www.sophos.com/security/blog/2009/03/3577.html

Cheers
Graham

Wed, 2009-03-18 09:42
I was one of those customers
By Anonymous

I was one of those customers that got ripped off!

I am an expat living in Russia. Couple months ago I noticed an unauthorized withdrawal on my debit card from a small town in Russia. I called Wells Fargo's bank fraud department and they said it all looked like a legit transaction. I knew some bad people must have compromised one of the ATMs I used.

Called it!

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
* Denotes a required field
E-GUIDE
Log Management in a Cyber World

ArcSight With so many potential cyber villains poking around the gates, enterprises must have strong protections and pristine visibility into what's happening on the network. Explore the increasing importance of log management as cybercrime and other malicious threats grow.

» Read this eGuide

WHITE PAPER
Comparing Research in Motion and Microsoft Mobile Solutions

Microsoft Organizations must look carefully at the requirements of mobile devices and accompanying middleware that can increase cost, complexity and administrative overhead. This white paper provides an independent analysis and detailed comparison of RIM and Microsoft's mobile solution.

» Read this White Paper