Cybercriminals are constantly finding new ways to break through security features but this method might surprise you…
It sounds far-fetched but a European bank really did have its cash machines hacked by thieves who used USB drives loaded with malware to steal large sums of money. The story was revealed by researchers at the Chaos Computing Congress in Germany and told of how the bank began to notice money mysteriously disappearing in the summer of this year.
So, how were the hackers pulling off such a heist? Essentially, by injecting a code into the ATMs. Giving a new meaning to the phrase ‘hole in the wall’, the criminals created actual holes in the machines to plug in the USBs, which then transferred the code. When activated, using a 12 digit cipher, the installed malware would bring up an interface allowing the thieves to choose from and eject several denominations of bank note.
Not only this, the bunch of USB bandits had also implemented a security measure amongst themselves – a second twelve digit code on the ATM’s screen that required the user to ring up another co-criminal to ascertain the correct response. The bank realised what was happening when they increased surveillance after noticing the suspicious withdrawals.
This is the latest in a line of successful cyber-attacks on financial institutions. NatWest revealed this week that it had once again been hit by a huge DDoS attack.
Once again, it seems that cybercriminals have been cashing in on vulnerabilities in our security set-ups, exposing the companies and industries that we, the public, would expect to be locked down. If a bank can repeatedly fall prey to cyber-attacks, it’s proof that we must be more proactive and less reactive when it comes to cybercrime.
If you would like to find out about UKFast’s DDoS mitigation services, feel free to give us a call on 0208 045 4945