news.com.com— A criminal gang in the U.K. was able to steal confidential banking data by bugging ATMs with an MP3 player, The Times of London reported in its online edition Thursday.
Nov 16, 2006View in Crawl 4
the burden shouldn't (and isnt) on the atm owners(which in this case are not banks), it is on the credit agencies who the atms dials too, which then take the pin and authenticate it with the banks(where im sure there is encryption). The credit angencies should be held liable for not requiring encryption. My guess is that after the banks pay back their customers, they'll sue/ban the credit angencies.
How can any financial processing network possibly allow unencrypted transmission? This is utterly shocking.I'm sure I thought of this idea many timesin the past, but just assumed it couldn't possibly be that easy, as it would obvioulsy be encrypted.
of course it's posible...that's all they're doing...connecting via modem to some server...play that back...and you're golden...the only vaguely complicated part...would be having to extract the atm side of the communication...of course...it's posible that the server doesn't make any responce...and that it's just client communication...like sending an email...no confirmation...ha...but then they wouldn't get things like...your account balance....iknow that they used to have a system that if the atm couldnt' connect to a server to deduct the ammount..that it'd just write it to your card that you had to get that amount deducted next time......
@CartoonAl1. So?2. And an MP3 player connected between the machine and wall socket isn't?3. Do an eBay search for "ATM machine".$150-200k/week would be average for one compromised ATM. I have the feeling they did this to more than one machine, so they actually didn't make that much.
Classic, now the script kiddies of the 2006 have their version of the Captain Crunch whistle!The one thing that puzzles me, with all the surveillance cameras in the U.K. wouldn't they eventually be on "candid camera"?Tsk-Tsk-Tsk.... now if they had an MP3 player that had a mag-stripe reader-writer attached to it, now that would be something... ATM security itself is rather impressive overall, eventually if your too greedy, they will catch you.. around 75% of ATM's have security cameras somewhere around.. and security companies are no longer embarrassed about going public with security breaches which alert the public to be virtual security snitches..My main problem with this story is that it could have been something ingenious, but will now be part of 'stupid criminals caught on tape'... shows! The video camera lets no good crime go unpunished, especially if its in the public forum...
I just read another article about it. They couldn't get the pins, they only could decode the credit card numbers and the expiration date. They couldn't even cash out if they wanted too, they had to buy merchandise and fence it.
<a class="user" href="http://westsounds.com">http://westsounds.com</a> claims to have a simply enormous catalog - over 200,000 albums online. This seemingly extensive catalog contains not just the latest and greatest, but also older tracks too - which lots of people (like me) are shopping for. I have had a tendency to lose CD's over the years, so this is a good way for me to reclaim (cheaply) the music I've already bought in the past.
aflat362Nov 16, 2006
That's nothing. In Terminator 2 like 10 years ago, young John Connor was able to do this with an old Atari system.
Closed AccountNov 16, 2006
hey aflexer big mouth, copy the program what the guy used for decoding the recorded data, put the f**king source here, until that stfu noob prick
eatdjorangeNov 16, 2006
this is old...we use to emulate a transaction server and send approval key back to the ATM to get money using any bank card
kevincw01Nov 16, 2006
the burden shouldn't (and isnt) on the atm owners(which in this case are not banks), it is on the credit agencies who the atms dials too, which then take the pin and authenticate it with the banks(where im sure there is encryption). The credit angencies should be held liable for not requiring encryption. My guess is that after the banks pay back their customers, they'll sue/ban the credit angencies.
brennanNov 16, 2006
Only once a week? I change mine every 20 minutes.
3denNov 17, 2006
How can any financial processing network possibly allow unencrypted transmission? This is utterly shocking.I'm sure I thought of this idea many timesin the past, but just assumed it couldn't possibly be that easy, as it would obvioulsy be encrypted.
justahumanNov 17, 2006
of course it's posible...that's all they're doing...connecting via modem to some server...play that back...and you're golden...the only vaguely complicated part...would be having to extract the atm side of the communication...of course...it's posible that the server doesn't make any responce...and that it's just client communication...like sending an email...no confirmation...ha...but then they wouldn't get things like...your account balance....iknow that they used to have a system that if the atm couldnt' connect to a server to deduct the ammount..that it'd just write it to your card that you had to get that amount deducted next time......
Closed AccountNov 18, 2006
@CartoonAl1. So?2. And an MP3 player connected between the machine and wall socket isn't?3. Do an eBay search for "ATM machine".$150-200k/week would be average for one compromised ATM. I have the feeling they did this to more than one machine, so they actually didn't make that much.
tmcdiggNov 18, 2006
Classic, now the script kiddies of the 2006 have their version of the Captain Crunch whistle!The one thing that puzzles me, with all the surveillance cameras in the U.K. wouldn't they eventually be on "candid camera"?Tsk-Tsk-Tsk.... now if they had an MP3 player that had a mag-stripe reader-writer attached to it, now that would be something... ATM security itself is rather impressive overall, eventually if your too greedy, they will catch you.. around 75% of ATM's have security cameras somewhere around.. and security companies are no longer embarrassed about going public with security breaches which alert the public to be virtual security snitches..My main problem with this story is that it could have been something ingenious, but will now be part of 'stupid criminals caught on tape'... shows! The video camera lets no good crime go unpunished, especially if its in the public forum...
Closed AccountNov 19, 2006
I just read another article about it. They couldn't get the pins, they only could decode the credit card numbers and the expiration date. They couldn't even cash out if they wanted too, they had to buy merchandise and fence it.
antonyt09Sep 16, 2008
<a class="user" href="http://westsounds.com">http://westsounds.com</a> claims to have a simply enormous catalog - over 200,000 albums online. This seemingly extensive catalog contains not just the latest and greatest, but also older tracks too - which lots of people (like me) are shopping for. I have had a tendency to lose CD's over the years, so this is a good way for me to reclaim (cheaply) the music I've already bought in the past.