The Taiwan authorities are trying to understand how some hackers have managed to trick a bank ATM network by removing over two million dollars in a few hours.
Police suspect two Russian nationals wearing masks. The suspects managed to visit dozens of ATMs of Taiwan's First Bank on Sunday when the country was hit by a hurricane. The fraudsters stole an estimated $ 2,2 million, just hours after the hurricane hit Taipei, the capital of Taiwan.
The two (or maybe three) crooks who carried out the thefts did not use bank cards, as security cameras show. The hackers appear to have gained control of the ATMs, with a "connected device," possibly one smartphone, according to police.
The hacked ATMs were manufactured by the German company Wincor Nixdorf, which admits that some of the Taiwan machines were made hacked. Three different types of malware were found on the machines.
First Bank and other Taiwan banks stopped withdrawals from their ATMs as a precautionary measure after the attack, and are awaiting the controls that will try to determine how the attack was done.
However, security experts have already come up with some theories trying to explain hack.
Craig Young, a security researcher of the Vulnerability and Exposures Research team at Tripwire, said:
"The attackers may have found another mass ATM breach, such as the technique introduced by Barnaby Jack at Black Hat USA 2010. These attacks use malware that reprograms the machine. This is how cash comes out.
“Some ATMs have systems managementς δικτύου με γνωστούς προεπιλεγμένους κωδικούς πρόσβασης, και σε πολλές περιπτώσεις, οι κλέφτες μπορούν και έχουν πρόσβαση σε θύρες USB για να φορτώσουν malicious λογισμικό από μια μονάδα flash. Από την περιγραφή, ακούγεται ότι οι κλέφτες πιθανά εγκαταστήσαν κακόβουλο λογισμικό επιτρέποντας την ασύρματη σύνδεση στα ΑΤΜ. Είναι επίσης πολύ πιθανό ότι μια ευάλωτη ασύρματη service could allow unauthorized access to hackers.”
