Tuesday, August 14, 2018

'Cashout': FBI Warns Of Imminent Global ATM Hack



"Cashout": FBI Warns Of Imminent Global ATM Hack



The FBI is warning of an "imminent" global cyberattack on ATM machines that could result in millions of dollars withdrawn from bank accounts far and wide, in a similar "cash-out" attack to one in 2009 which hit ATMs worldwide to the tune of $9 million


"The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an 'unlimited operation'," according to an FBI alert to banks that was obtained by noted cybersecurity expert Brian Krebs
Krebs describes it as a "highly choreographed, global fraud scheme known as an “ATM cash-out,” in which crooks hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours." 
"Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities. The FBI expects the ubiquity of this activity to continue or possibly increase in the near future," the FBI statement reads. 
In other words, financial institutions which haven't upgraded to the latest and greatest in security measures are vulnerable to attack. And since banks will likely reimburse anyone affected by the breach, the FBI's warning should particularly interest small-to-mid sized banks using outdated technology. 
In July, two similar "unlimited operation" attacks resulted in losses of $2.4 million from the National Bank of Blacksburg according to Krebs, who broke the story. 
Meanwhile, the FBI is advising banks on best security practices, such as two-factor authentication using physical or digital tokens, as well as beefed up password requirements. 
The FBI issued a similar alert in 2009, after a "wave of thieves fanned out across the globe nearly simultaneously. With cloned or stolen debit cards in hand—and the PINs to go with them—they hit more than 2,100 money machines in at least 280 cities on three continents, in such countries as the U.S., Canada, Italy, Hong Kong, Japan, Estonia, Russia, and the Ukraine."

When it was all over—incredibly within 12 hours—the thieves walked off with a total of more than $9 million in cash. And that figure would’ve been more had the targeted ATMs not been drained of all their money.
The alleged masterminds of this slick scheme—prosecutors charged earlier this month following an extensive FBI investigation assisted by other federal agencies and our partners around the globe—were three 20-something Eastern Europeans and an unnamed person called simply “Hacker 3.” -FBI (via archive.is)

We're sure the establishment's cashless society will fix all these annoying vulnerabilities. 







The Federal Bureau of Investigation (FBI) has issued an alert for a "choreographed mass attack on Automated Teller Machines (ATM's)" wherein thieves use fraudulent cards to steal millions from ATM's worldwide in a matter of minutes.
Banks have been warned of an imminent threat that their cash machines could be mass-hacked by cyber criminals.
In a confidential alert on Friday, FBI told international banks that criminals are plotting a concerted global malware attack on cash machines in the next few days. 
The FBI issued a warning about a highly choreographed fraud scheme known as an ATM "jackpotting", in which crooks hack a bank or payment card processor and use cloned cards at cash machines around the world to take out millions in just a few minutes. 
UK-based banks with large international operations, such as HSBC and Barclays, are among those thought to have been made aware of the threat. 
“The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach,” the FBI warning said, according to Krebs on Security, which originally reported the alert.  (HT Comment: If it is an UNKNOWN breach, why today's warning??????? How can they warn of something  stemming from an UNKNOWN  . . . that is going to take place within days?????)

The method usually involves physical access to a cash machine using specialized electronics and malware to take over the system and force it to dispense cash until it is empty.
Andrew Bushby, UK director at Fidelis Cybersecurity, said: “UK banks are a likely target – and this latest ‘ATM cash-out blitz’ will no doubt send shockwaves to financial institutions."
He added: "Whilst the financial services industry is heavily regulated, it doesn’t make banks immune from being attacked by cybercriminals... UK banks need to urgently take a look at their security posture."
Smaller, independent banks are considered the most vulnerable to such attacks, according to NCC Group, a cyber-security consultancy firm.
Ollie Whitehouse, global chief technology officer at NCC, said that criminals tend to target smaller banks that issue debit cards but which may have less stringent security systems. 
"It's a symptom of organised crime becoming more capable, as they [criminals] become emboldened they are able to do these orchestrated activities," he said.
In one incident in Thailand in 2016, thieves made off in minutes with 12 million baht or about £280,000 from cash machines by targeting ATMs run by Government Savings Bank, a state-owned Thai bank based in Bangkok.

In another case in the US, criminals siphoned about $570,000 in cash from  ATMs operated by the National Bank of Blacksburg  in two separate attacks in 2016 and 2017.
Ross Brewer, a cyber security expert with LogRhythm, said: "This case may have been identified in the US, however it is a global attack and, if successful, has the potential to have widespread implications. UK banks should be concerned and need to be putting measures in place that ensure they can identify anomalous activity that could indicate the start of this attack." 
Cyber criminals typically steal credit card data to create fraudulent copies of legitimate cards on reusable magnetic strip cards, the FBI warned. At a pre-determined time, the fellow conspirators withdraw account funds from ATMs using these cards and alter bank balances to force a cash machine to dispense all of its money.




No comments: