Massive ATM fraud triggers Gulf banking jitters Banks across the United Arab Emirates are fighting to restore confidence in its banking system after hackers used counterfeit cards to withdraw funds from cash machines. It's unclear how many customer accounts have hit by the attack much less how much money has been lost over the last three days, when the issue came to the …
"Preliminary investigation suggest that hackers may have got their hands on card details and PINs after rigging cash machines with card skimmers. Other reports raise the dark spectre that bank's internal systems have been compromised. We'll know soon enough who is right."
Well I suggest that hackers in the UK may have got their hands on card details and PINs after rigging cash machines with card skimmers. It hasn't caused a national emergency. I'd say the probability is high that the banks have been attacked on a more fundamental level than this. Unless UAE only has two cashpoints or something.
This is the financial equivalent of an American student being caught with a penknife compared to Columbine.
The largest bank has 223 ATMs, as opposed to a small European bank which normally has thousands.
If it was an inside job or the banking systems were breached then the people involved are obviously useless. You could easily hammer hundreds of accounts per hour and you would have to to make it worthwhile since the banks will notice quite quickly.
Obviously the UAE don't have a problem with card fraud and some idiot at routers or the like decided that this was important.
Shame on reg for bothering to publish this with out at least making it funny.
Having worked in the banking sector across the middle-east, we used to frequently see fraudulent transactions originating from the UAE.
I was once debugging some ISO8583 messages to work out why the transactions werent going through and caught a whole bunch of fraudulent messages.
I doubt the hackers will be able to do it again if caught, unless there are significant advances in voice recognition software :-)
I'm sure there will be hands lost over this.......
probably just as bad here too but i dont think the banks have to report it,although plans are to make them again......
god forbid that we dont trust the banks to be honest.......personally i hope they are getting billions from the scams it will perhaps bring the industry up to speed rather than them sitting like ostrichs with head in the sand.
If you look at the distribution (all banks), timing (all at once instead of leaking it quietly) and scale it suggests skimming. The volume suggests an operation that has been going on for a while before they hit, and it must be a gang. Find a place where many banks are together and I think you may find evidence of compromise.
One possible exception: who did those banks outsource IT to?
As for the problem, well, I did mention before it was actually sorted (until they come up with something new, of course). It will just take time to spread.
I see another opportunity for the hackers... "A large number of banks have taken the highly unusual step of advising customers to change their PIN's as a precaution."
Anybody wanna buy a fake website?
@Vincent Himpe. Bankers should be protected by stoning to death anyone who steals from them? pfff. Can we have the same rule applied to bankers to protect their customers?
Let's think about this -- several dozen non-UAE residents picked up, 'interrogated' and confessions made. Blame firmly laid on foreigners and a few migrant workers flogged and sent down.
Problem sorted, just the usual suspects.
Nothing to see move along now, any hint of it being anything to do with dodgy locals or iffy banking procedures will result in threats to withdraw bribes -- sorry - funding for various western businesses.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
