The Taiwan authorities are trying to understand how some hackers have managed to trick a bank ATM network by removing over two million dollars in a few hours.
Police suspect two Russian nationals wearing masks. The suspects managed to visit dozens of ATMs of Taiwan's First Bank on Sunday when the country was hit by a hurricane. The fraudsters stole an estimated $ 2,2 million, just hours after the hurricane hit Taipei, the capital of Taiwan.
The two (or maybe three) fraudsters who committed the thefts did not use bank cards, as security cameras show. The hackers appear to have gained control of the ATMs, with a "connected device," possibly a smartphone, according to police.
The hacked ATMs were manufactured by German company Wincor Nixdorf, which admits that some of the machineTaiwan's eyes were hacked. Three different types of malware were found on the machines.
First Bank and other Taiwan banks stopped withdrawals from their ATMs as a precautionary measure after the attack, and are awaiting the controls that will try to determine how the attack was done.
However, security experts have already come up with some theories trying to explain hack.
Craig Young, a team security researcher Vulnerability and Exposures Research at insurance company Tripwire reported:
"The attackers may have found another mass ATM breach, such as the technique introduced by Barnaby Jack at Black Hat USA 2010. These attacks use malware that reprograms the machine. This is how cash comes out.
“Some ATMs have network management systems with known default passwords, and in many cases, thieves can and do access USB ports to load malicious λογισμικό από μια unit flash. Από την περιγραφή, ακούγεται ότι οι κλέφτες πιθανά εγκαταστήσαν κακόβουλο λογισμικό επιτρέποντας την ασύρματη σύνδεση στα ΑΤΜ. Είναι επίσης πολύ πιθανό ότι μια ευάλωτη ασύρματη υπηρεσία θα μπορούσε να επιτρέψει μη εξουσιοδοτημένη πρόσβαση στους hackers.”
