Attacks/Breaches

7/18/2016
09:40 AM
50%
50%

Crooks Hack Taiwan ATMs With 'Smartphone,' No Bank Card, Steal Millions

Police say Russian suspects operate ATM machines without bank card, make off with $2.2 million.

Hackers, believed to be Russian nationals, stole around $2.2 million from ATMs in Taiwan, possibly using just their smartphones, and fled the country the following day, reports The Register, quoting Taiwanese police. Security camera footage shows the crooks used a connected device, but no bank card, to work several ATM machines of First Bank, say the police.

Craig Young of security tools firm Tripwire says it was likely the First Bank hackers “had installed malware ahead of time, enabling a wireless connection to 'jackpot' the ATMs.” Three malware strains reportedly showed up on the breached machines. He believes a weak wireless service could also allow hackers to access ATMs.

Several banks in Taiwan have suspended their ATM operations while investigation continues.

Read more details on The Register.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Greeley K
50%
50%
Greeley K,
User Rank: Apprentice
8/12/2016 | 5:41:56 PM
ATM Fraud
I wonder if this has a connection with the Japan ATM crisis from May..? It looks like technology is giving the hacker the upper hand. It's time to step the security game up!
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Oh, No, Not Another Security Product
Paul Stokes, Founder & CEO of Prevalent AI,  8/9/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-13106
PUBLISHED: 2018-08-15
Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient, 5.0.3, 2017-09-19, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.
CVE-2017-13107
PUBLISHED: 2018-08-15
Live.me - live stream video chat, 3.7.20, 2017-11-06, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.
CVE-2017-13108
PUBLISHED: 2018-08-15
DFNDR Security Antivirus, Anti-hacking & Cleaner, 5.0.9, 2017-11-01, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.
CVE-2017-13100
PUBLISHED: 2018-08-15
DistinctDev, Inc., The Moron Test, 6.3.1, 2017-05-04, iOS application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.
CVE-2017-13101
PUBLISHED: 2018-08-15
Musical.ly Inc., musical.ly - your video social network, 6.1.6, 2017-10-03, iOS application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.