back to article Card-sniffing trojans target Diebold ATM software

Security researchers from Sophos have discovered sophisticated malware that siphons payment card information out of automatic teller machines made by Diebold and possibly other manufacturers. Sophos researcher Vanja Svajcer found three samples after combing through VirusTotal and a similar online database earlier this month. …


This topic is closed for new posts.
  1. Alan W. Rateliff, II
    Paris Hilton


    "The attack resulted in the estimated loss of tens of millions of pounds."

    And you complain? I still have 40 pounds around my mid-section I am working to get rid of. Luckily gits!

    Paris, she is not around my mid-section.

  2. Anonymous Coward
    IT Angle


    Most ATM estates in this country are managed with Gasper anyways

  3. John Smith Gold badge

    Their ATM's are almost as tough to get stuff into

    as their voting machines are to put votes into.

  4. Oliver Mayes

    Maybe I'm being naïve...

    ...but how exactly does this stuff get into the ATMs? If they have to connect to the net to communicate with the banks then they shouldn't be visible to anyone else, and I can't imagine someone physically opening up one to plug a USB stick in.

  5. Anonymous Coward
    Black Helicopters


    "since the devices, obviously, don't have floppy drives and typically run only on private isolated networks. "

    I work in security and have worked in the past on secure "airgapped" networks that because of some misconfig or deliberate action were anything but.

    I used to house share with a guy who worked for diebold, and we used to have some interesting conversations about virii and other things managing to get onto the "closed atm network". I believe they have a division who continually goes around trying to plug gateways between the atm network and the internet...

    Theres also the possibility of a bank teller in a priviledged position deliberately compromising the atm intentionally , since they do have access to do this. There apparently has been instances...

    If SCADA systems are having issues, you can bet diebold is firefighting their albeit a bit more stealthily....

    Mines the coat stuffed full of real money out of paranoia about atm's...

  6. Anonymous Coward
    Anonymous Coward

    @ Gasper

    I've never heard of Gasper before so checked Wikipedia.... I don't think you're referring to a marijuana cigarette, or a type of adjustable ventilation outlet used in aircraft or even a river in southwestern Kentucky, U.S.

    Are you therefore referring to someone who engages in erotic asphyxiation...?!! If so, I demand to know more.

  7. Mike

    Wait for it

    Soon someone will figure out how to use the mag stripe reader itself to insert the trojan. Watch for the guy with a stack of cards running them through in rapid fashion.

    Mines the one with the usb to mag stripe converter in the pocket.

  8. DR

    it really wouldn't surprise me

    if there were just a PC inside of an ATM.

    I don't know why but I've been shocked plenty of times to discover that things that look clever in fact only have old and aging PC's inside running on old OS's that surely must have many flaws.

  9. Just Thinking
    Dead Vulture


    Kind of distracted by the banner ad for FAST at the top of this article.

  10. Anonymous Coward


    all your money/accounts are belong to us.

    your friendly local haX0rs

  11. Mike Moyle

    @ Oliver Mayes

    I could be naive, as well, but my suspicion is that the ATMs in question are the privately owned NoNameCashSpot™ machines often found at gas stations and convenience stores, rather than bank-owned machines. (G**gle "own an ATM" and see how many companies are willing to sell one to any Tom, Dick, or Vladiszlav with cash in hand...) Someone comes in every so often to put cash in and unload the records (electronic or paper), and the store owners don't pay any attention 'cause it's not their machine.

    Buy one, install the sniffer software and put it out someplace, upgrade the software whenever you go in to service it, and no one gives a rodent's rectum 'cause "it's just the guy servicing his machine."

    It's why I try to avoid using those particular machines if at all possible.

  12. Eirik Iverson

    More Info Would be Nice

    I'm curious about the operating system (s) used for these ATMs and what privileges the typical technicians have on them. With such relatively static configurations, it would seem quite straightforward to lock these machines down and perform regular audits to counter these risks, even if the techs have admin rights.

    Eirik Iverson

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021