I read about this one on the Sophos Blog this morning. Sophos's Vanja Svajcer had heard a rumor that some ATMs in Russia had been hacked with Trojan software installed on them. So he checked submissions from VirusTotal and found that there were indeed 3 samples of Trojan code for Windows making Diebold-specific calls. The oldest one was from November.
I called up Diebold, who told me that in January, they started warning customers that criminals in Russia were breaking into Diebold ATMs and installing card-sniffing software and "devices." Suspects have been apprehended in the case, Diebold said.
I don't have a lot more details, but here are two letters Diebold sent out to customers. They're pretty interesting.
| Attachment | Size |
|---|---|
| diebold-1.pdf | 81.68 KB |
| diebold-2.pdf | 48.91 KB |
this is just one of dozens of examples of skimming. bluetooth POS data interception-soldering chips into POS-intercepting the phone lines the data is travelling on-ATM skimming.....its the big money making crime of east european gangs, let loose after 1989 when former warshaw pact states´secret service specialist lost their jobs and joined organized crime. They made so much money in the last 20 years, they now own banks! Law enforcement slept or was kept @ bay and now its all too late....good night sleep tight
The link to Vanja Svacjer's blog entry on this topic appears to be broken.
It should be http://www.sophos.com/security/blog/2009/03/3577.html
Cheers
Graham
I was one of those customers that got ripped off!
I am an expat living in Russia. Couple months ago I noticed an unauthorized withdrawal on my debit card from a small town in Russia. I called Wells Fargo's bank fraud department and they said it all looked like a legit transaction. I knew some bad people must have compromised one of the ATMs I used.
Called it!
Post new comment