RESEARCHERS HAVE SHOWN how thieves were able to hack into ATMs and steal cash from a major European bank earlier this year.
The methods used were demonstrated at the Chaos Computing Congress, an annual event which brings together the international hacking community, in Hamburg, Germany.
The BBC reports how the bank noticed several of its ATMs being emptied despite its use of safes to protect the cash inside.
After it increased its surveillance, it found that the thieves were cutting holes in the ATMs to access the machine’s USB ports. They could plug in USB drives that would install malware onto the machine.
Once it was installed, the thieves would patch up the holes, allowing them to target the same machine several times and prevent discovery. Later on, they could return to the ATM and enter a 12-digit code to launch a custom interface, giving them access to the machine.
The researchers found the thieves would focus on the highest value banknotes to reduce the chances of being discovered. However, before they could access the money, a second code was required which would differ each time.
The thief was required to ring a second member and tell them the number displayed before they got the right code.
This was because the thieves didn’t trust each other and were worried that some of their members would go solo and take the money for themselves. If they did nothing for three minutes, the machine would return to their normal state.