Taiwanese authorities are trying to understand how hackers managed to trick a bank's ATM network and withdraw over two million dollars in a few hours.
Police suspect two Russian nationals wearing masks. The suspects managed to visit dozens of ATMs belonging to Taiwan's First Bank on Sunday, when the country was hit by a hurricane. The fraudsters stole an estimated $2.2 million, just hours after the hurricane hit Taipei, the capital of Taiwan.
Security camera footage shows that the two (or maybe three) fraudsters who committed the thefts did not use bank cards. According to police, the hackers appear to have gained control of the ATMs with a "connected device", possibly a smartphone.
The compromised ATMs were manufactured by the German company Wincor Nixdorf, which admits that some of the machines in Taiwan have been hacked. Three different kinds of malware were found on the machines.
First Bank and other Taiwanese banks suspended withdrawals from their ATMs as a precautionary measure after the attack, and are awaiting the checks that will try to determine how the attack was carried out.
However, security experts have already come up with some theories to explain the hack.
Craig Young, a security researcher on the Vulnerability and Exposures Research team at Tripwire, said:
"The attackers may have found another mass ATM breach, such as the technique introduced by Barnaby Jack at Black Hat USA 2010. These attacks use malware that reprograms the machine. This is how cash comes out.
"Some ATMs have network management systems with known default passwords, and in many cases, thieves can and do access USB ports to download malware from a flash drive. From the description, it sounds as though the thieves probably installed malware allowing wireless connection to ATMs. It is also very possible that a vulnerable wireless service could allow hackers unauthorized access."