RSS Alerts

Related Links

Related Stories

  • More awareness needed to combat ATM crime
    As the annual cost of ATM crime in Europe approaches €500 000, and the number of ATM fraud and attacks increases 149% in a year, more security awareness among consumers is needed, according to the European Network and Information Security Agency (ENISA).
  • Eight million chip and PIN users at risk of ID fraud
    Research carried out by LV (formerly Liverpool & Victoria) Home Insurance claims that, over the last 12 months, eight million adults in the UK have given their cards - plus their PIN details - to someone else to make a purchase on their behalf or get cash from an ATM leaving the vulnerable to ID fraud.
  • More analyis on the ATM phantom withdrawal court case ruling
    Hard on the heels of last week's long-awaited ruling on the first ATM phantom withdrawal case to pass through the courts, Alistair Kelman, a barrister and presenter on Infosecurity's webinar programme, has posted an interesting report and analysis on his website.
  • Judge rules in favour of bank in first UK phantom ATM withdrawal case
    A judge has ruled in favour a UK bank after a customer took the bank to court regarding eight ATM withdrawals that he claimed he did not make.
  • Russians hack Diebold ATM software
    The act of ATM Card skimming and shoulder surfing - used by criminals the world over to create cloned cards from users of bank cash machines - has entered a new dimension.

News

From pizza delivery to ATM hacker to criminal in two years

26 October 2009

An Australian pizza delivery man who stumbled on an ATM repair manual on the internet has been sentenced to 100 hours of community service, as well as handed a two year suspended prison sentence, after the hacker obtained more than AU$30 000 (about £18 000) by using the default passwords on certain types of cash machines.

A Queensland court heard how the 23-year-old ATM hacker utilised the information to devise an attack methodology on the cash machines referenced in the engineering guide.

Although the precise modus operandi of the ATM hacker has not been revealed, it seems likely he was able to use the default management passwords on so-called `kiosk' ATMs in convenience stores and petrol stations.

According to a report in the Fraser Coast Chronicle, the ATM hacker tried out his new-found knowledge on a petrol station cash machine and withdrew AU$27 120. An hour later, he `hit' another ATM for AU$7500.

The flaw in his cunning plan was that a legitimate magnetic stripe card needed to be used to trigger the ATM into operating and, the paper reported, over a period of seven months, he used his own cards, as well as those of his girlfriend, his mother and two friends.

Had the ATM hacker used a pre-paid debit card, Infosecurity notes, then it seems likely his crimes would not have been traced.

 

This article is featured in:
Data Loss Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water