Authorities in Taiwan are trying to understand how hackers managed to trick a bank's ATM network and remove over two million dollars in a few hours.
Police suspect two Russian nationals wearing masks. The suspects managed to visit dozens of ATMs of Taiwan's First Bank on Sunday, when the country was hit by a hurricane. The fraudsters stole an estimated $2.2 million, just hours after the hurricane hit Taipei, the capital of Taiwan.
The two (or maybe even three) fraudsters who carried out the thefts did not use bank cards, as shown by security cameras. The hackers appear to have gained control of the ATMs with a "connected device," possibly a smartphone, according to police.
The compromised ATMs were manufactured by the German company Wincor Nixdorf, which admits that some of its machines in Taiwan have been hacked. Three different kinds of malware were found on the machines.
First Bank and other Taiwanese banks stopped withdrawals from their ATMs as a precautionary measure after the attack, and are awaiting the investigation that will try to determine how the attack was carried out.
However, security experts have already come up with some theories to explain the hack.
Craig Young, a security researcher with the Vulnerability and Exposures Research Team at security firm Tripwire, reported:
“The attackers may have come up with another mass ATM hacking technique like the technique Barnaby Jack presented at Black Hat USA 2010. These attacks use malware that reprograms the machine. That's how the cash comes out.
“Some ATMs have network management systems with known default passwords, and in many cases, thieves can and do access USB ports to download malware from a flash drive. From the description, it sounds like the thieves probably installed malware allowing wireless connection to ATMs. It is also very possible that a vulnerable wireless service could allow hackers unauthorized access.”