I had to share this article by Mr. Krebs for a variety of reasons, not the least of which is I have seen ATM’s like this in the wild. It happens far too often and admins and users alike ignore the pitfalls for the sake of convenience. Beware!
ATM
Updated banking malware turns entire ATM into a skimmer
This is an intriguing article. It definitely makes the process of walking up to an ATM and removing cash seem a little scarier. It also puts a larger burden on banks to monitor all aspects of their ATM’s.
Krebs – Crooks Go Deep With ‘Deep Insert’ Skimmers
This is certainly concerning. These types of skimmers are incredibly hard to detect and generally invisible to the ATM user. Use extreme caution when using ATM’s, especially in isolated situations.
http://krebsonsecurity.com/2016/05/crooks-go-deep-with-deep-insert-skimmers/
Skimmers Hijack ATM Network Cables
This is yet another skimming attack for ATM’s. The weaknesses of logical security in these devices (no card encryption prior to transmission) are being exploited by the weaknesses in physical security. A basic daily inspection of these ATM’s could remedy this problem, but employees are not trained or simply do not care.
http://krebsonsecurity.com/2016/02/skimmers-hijack-atm-network-cables/
Krebs – More on Wiretapping ATM Skimmers
This is a disturbing review of the some of the more aggressive attacks against ATMs worldwide. The photos alone tell the story.
http://krebsonsecurity.com/2014/12/more-on-wiretapping-atm-skimmers/
Malware Attacks Against Aging ATMs
Krebs has posted an interesting article/interview concerning increased malware attacks against older ATMs. These attacks appear to be focused toward older NCR devices and Krebs interviews an official with NCR in the article. ATMs still running Windows XP appear to only be the tip of the iceberg with this particular threat.
http://krebsonsecurity.com/2014/10/spike-in-malware-attacks-on-aging-atms/
