Taking Measures to Prevent Card Skimming and Shimming

Protecting your financial information is crucial in the digital era we live in today. Credit card skimming and shimming have grown to be serious risks to customers all around the world with the emergence of sophisticated cybercrime techniques. Maintaining your financial stability depends on your ability to recognize and resist these approaches.

Credit card skimmers, according to PCMag, are deceptive gadgets installed on legitimate card readers, such as those at ATMs or petrol pumps, to capture and store your card information. KrebsOnSecurity cautions that, even with the switch to chip-based cards, cybercriminals have adapted by using shimmers, which are extremely thin devices inserted into the card reader slot. These shimmers allow them to intercept the data from the chip.

The Royal Canadian Mounted Police (RCMP) provides valuable insights into how criminals install skimmers. They often work quickly and discreetly, making it hard for victims to notice. They may place a fake card reader on top of the legitimate one or install a small camera nearby to capture PIN numbers.

To protect yourself, it's important to be vigilant. MakeUseOf suggests a few key steps:

  • Inspect the Card Reader: Before using an ATM or a card reader at a gas pump, take a moment to examine the card slot. Look for any unusual devices or loose parts.
  • Cover Your PIN: Use your hand or body to shield the keypad as you enter your PIN. This simple step can prevent criminals from capturing this crucial piece of information.
  • Monitor Your Accounts: Regularly review your bank and credit card statements for any unauthorized transactions. Report any suspicious activity to your bank immediately.
  • Choose ATMs Wisely: Whenever possible, use ATMs located in well-lit, high-traffic areas. Avoid standalone ATMs in secluded or poorly monitored locations.
  • Stay Informed: Keep up-to-date with the latest scams and techniques used by cybercriminals. Knowledge is your best defense.

Remaining vigilant and well-informed is your primary defense against credit card skimmers and shimmers. By adopting these practices and staying aware of your surroundings, you can significantly reduce the risk of falling victim to these insidious forms of cybercrime. Remember, your financial security is well worth the extra effort.


MGM Resorts Hit by Cyber Siege: Hackers Brag About Four-Day Outage

 


In the wake of a cyberattack that forced MGM Resorts to shut down systems across all of its properties, the company continues to suffer from widespread outages. The majority of MGM's internal networks were shut down for most of Sunday, the evening before the Grand Opening of its Las Vegas Strip hotels and casinos such as the Bellagio, Aria and Cosmopolitan. 

Because of this technical failure, ATMs and slot machines throughout the company's hotels and casinos experienced widespread disruptions, and guests have reported issues with their digital room key cards and with electronic payment systems, including those in the casinos. 

“MGM is an enormous company, but there are countless cases where small and medium-sized businesses are victimized by ransomware every week and it does not usually make the headlines,” says Alex Hammerstone, who is an advisory solutions director at TrustedSec, a cybersecurity firm based in Ohio. 

On Monday the company said that a "cybersecurity issue" had affected some of its systems and was forcing it to shut some of them down. MGM has over two dozen hotels and casinos around the world, as well as an online sports betting arm. Several reports indicated that everything from hotel room keys to slot machines did not work for the next several days. 

A number of the company's properties, including their websites, were also taken offline for a while. There was a lot of confusion among guests as the company moved from electronic to manual systems to remain as functional as possible while it struggled to keep up with demand. MGM Resorts did not respond to a request for comment, and no vague references were made to a "cybersecurity issue" on Twitter/X to reassure guests that the company was working to resolve it and that there would be no interruption to the resorts. 

MGM Breach Claimed by Scattered Spider 

A group called Scattered Spider is thought to have been involved in the MGM breach, and they reportedly used ransomware developed by ALPHV, also known as BlackCat, a ransomware-as-a-service operation. 

The Scattered Spider attack is the result of social engineering, where attackers impersonate people and organizations that have a relationship with the victim and attempt to manipulate them into performing certain actions. 

The hackers are particularly adept at "vishing," which is convincingly gaining access to systems through phone calls instead of the more traditional phishing, which is conducted through emails. Black-hat actors such as ALPHV have become extremely well-known in the cybersecurity industry as they have been credited with damaging attacks on companies such as Reddit and Western Digital, among others, in recent times. 

CISA, an American cyber security agency, issued an alert on ALPHV in April 2022 based on information found in a Flash report released by the FBI, noting that the criminal group had "compromised at least 60 entities across the globe." There has been no public description of the nature of the security breach by either MGM or the FBI, and MGM has not responded to Forbes' multiple requests for comments about the breach. 

The FBI confirmed that it was involved in the investigation. It is believed that the members of Scattered Spider are between the ages of 18 and 20, that they may be based in Europe or possibly in the United States, and that they may be fluent in English, so their vishing attempts are much more convincing than, for example, a phone call from someone with a Russian accent and only a basic understanding of the language. 

The hacker appears to have obtained the personal information of one of the employees on LinkedIn and impersonated them to obtain credentials from MGM's IT support desk so they could access and infect the systems. 

In a financial newspaper report, someone claiming to be a representative of the group said the group had stolen and encrypted MGM's data and demanded payment in crypto for its release. This was the backup plan; initially, the group planned to hack the company's slots, but they were unable to accomplish this goal, according to that representative. 

Cybersecurity experts say that VX-Underground may be a trustworthy source for the attack even though ALPHV's responsibility has not been verified. As reported by VX-Underground, Scattered Spider used social engineering as a means of compromising MGM, as the hackers allegedly found an employee on LinkedIn and called their help desk to gain access to the account. 

Scattered Spider's hacking techniques rely on social engineering tactics that trick employees into granting the hackers access to large corporate networks. The members of the transatlantic hacking group reportedly include young adults and teenagers, as do those of similar hacking and extortion groups such as Lapsus$. 

A spokesperson for the FBI, who declined to be identified, confirmed the investigation into the MGM cyberattack was in progress, but would be unable to provide more information at this time. Cyberattack victims and individuals facing extortion have long been advised by US authorities not to pay ransom in the event of cybercrime.

Indian Banks Failing to Protect Their Cyber Security

 


In Thane, Maharashtra, some unidentified fraudsters hacked the server and tampered with the data of a cooperative bank. According to police, the hackers allegedly siphoned off Rs. 1.51 crore to various accounts from the Dombivli Nagarik Sahkari (DNS) bank on March 12. 
 
Following the attack, a case has been registered against unidentified persons under section 420 (Cheating and dishonestly inducing delivery of property) of the Indian Penal Code (IPC) and section 65 of the Information Technology Act at Manpada police station under the Kalyan division, which has started a probe into the incident in collaboration with Thane cyber police.  
 
The security incident throws light on the issue of bank frauds that have become deep-seated in the Indian financial system. In just over seven years, Indian banks have witnessed frauds surpassing $5 trillion with total fraud loans amounting to Rs. 1.37 lakh crore in the last year alone.  
 
Shocking scams like Punjab National Bank (PNB) scam (2018), Cosmos Bank cyberattack (2018), Canara Bank ATM Hack (2018), along with many other vishing, phishing, ATM skimming, and spamming attacks have continued to plague Indian banks over the recent years. With an increase in digital-based transactions, money cheating cases have also witnessed a sharp rise. The techniques and resistance measures employed by banks to safeguard their customers’ financial data and money have met with progressive and sophisticated hacking techniques used by fraudsters in India.  
 
John Maynard Keynes, after examining the condition of banking in India said banking in India should be conducted on the safest possible principles while calling India a “dangerous country for banking”. The apprehension has proven to be prophetic in the modern world as financial institutions failing to conduct prudent banking have become the center of monetary scams. Reportedly, the State Bank of India (SBI), HDFC Bank, and ICICI Bank constituted a majority of incidents totaling more than 50,000 fraudulent incidents in the last 11 fiscal years.  
 
Digitalization in India has led to the manifestation of ‘Digital Money’ and cashless transactions have been on a continual rise. Consequently, the protection of data and privacy becomes more important as a fragile cybersecurity system can have serious repercussions for any bank’s customer base.  
 
Data breaches have emerged as a serious threat in the banking sector, which further amplifies the need for an impenetrable banking system, as recovering from data breaches and regaining control of a breached server can be extremely stressful and time-consuming. In order to strengthen the evolution of the banking system, banks need to identify and plug the gaps in security. Part of the problem can be attributed to the accelerated pace of digitization, which has increasingly required the same kind of investment on the cyber hygiene side as well.  
 
Some of the viable measures that banks can undertake include proactive security techniques like ‘Whitelisting’ (blocks unapproved programs while only allowing a limited set of programs to run) and BIOS passwords (prevents external access to systems and servers). Awareness of employees, stringent filtering, and communicating regularly with regional offices are some of the other preventive measures as advised by the security experts.

Target Reveals Its Personal Skimming Detection Tool


Web skimming has been a major problem for e-commerce shops and websites over the past few years. The attacks include simple script injections into payment platforms and breaches of genuine third-party services and scripts. Often referred to as Magecart attacks, these have become one of the leading causes of card-not-present (CNP) fraud and affect small and big brands alike, as well as e-commerce platforms. Target, a top e-commerce retailer, went looking for solutions a few years back to deal with this problem and keep its customers safe when shopping on the Target website.
 
As there were not many ready-made tools for detecting these attacks back then, two computer security experts thought about making one. After being live and in use for more than three years, Target.com's client-side scanner has now been released as an open-source project named Merry Maker. Merry Maker constantly simulates online browsing and executes test transactions to scan for any harmful code. 

Merry Maker acts like a guest on Target.com, carrying out various general tasks that include online purchases. In the process, the tool stores and analyzes various types of information, including network requests, browser activity, and JavaScript files, to check for any suspicious activity. 
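
The kind of check a client-side scanner can run on the network requests captured during a test checkout, as an added example (this is not Merry Maker's code; the hosts, paths, allowlists and canary card number are constructed assumptions). It flags requests to hosts outside an allowlist, and any request that carries the test card number, even URL-, base64- or hex-encoded, to a host other than the payment processor.

```javascript
// Added example, not Merry Maker's code. Hosts, paths and the canary card
// number are constructed for illustration.
const ALLOWED_HOSTS = new Set(["shop.example", "pay.example"]); // assumed allowlist
const PAYMENT_HOSTS = new Set(["pay.example"]); // only host that may receive card data
const CANARY_PAN = "4111111111111111"; // test card typed by the synthetic shopper

// Return the raw text plus URL-decoded, base64-decoded and hex-decoded views
// of it, since skimming code often encodes stolen fields before sending them.
function decodedViews(raw) {
  const views = [raw];
  try {
    views.push(decodeURIComponent(raw));
  } catch (_) {
    // Malformed percent-escape: keep the raw view only.
  }
  for (const text of [...views]) {
    for (const token of text.match(/[A-Za-z0-9+/_-]{16,}={0,2}/g) || []) {
      views.push(Buffer.from(token, "base64").toString("latin1"));
      if (/^[0-9a-fA-F]+$/.test(token) && token.length % 2 === 0) {
        views.push(Buffer.from(token, "hex").toString("latin1"));
      }
    }
  }
  return views;
}

// True when the canary card number appears in the URL or body in any view.
function carriesCanary(request) {
  const haystack = request.url + "\n" + (request.body || "");
  return decodedViews(haystack).some((view) => view.includes(CANARY_PAN));
}

// Apply both rules to every captured request and collect the findings.
function scanCheckoutTraffic(requests) {
  const findings = [];
  for (const request of requests) {
    const host = new URL(request.url).hostname;
    if (!ALLOWED_HOSTS.has(host)) {
      findings.push({ rule: "unexpected-host", host, url: request.url });
    }
    if (!PAYMENT_HOSTS.has(host) && carriesCanary(request)) {
      findings.push({ rule: "card-data-outside-payment-host", host, url: request.url });
    }
  }
  return findings;
}

// Constructed capture of one synthetic checkout.
const b64Payload = Buffer.from(JSON.stringify({ n: CANARY_PAN, c: "123" })).toString("base64");
const SAMPLE_REQUESTS = [
  { method: "GET", url: "https://shop.example/static/checkout.js" },
  { method: "POST", url: "https://pay.example/v1/charge", body: "pan=" + CANARY_PAN },
  // Third-party host receiving the card number as base64 in a query string.
  { method: "GET", url: "https://cdn-metrics.example/p.gif?d=" + encodeURIComponent(b64Payload) },
  // First-party host, so the allowlist passes, but the body holds the hex-encoded card number.
  { method: "POST", url: "https://shop.example/api/log", body: "e=" + Buffer.from(CANARY_PAN).toString("hex") },
];

for (const finding of scanCheckoutTraffic(SAMPLE_REQUESTS)) {
  console.log(finding.rule, finding.host);
}
```

The fourth sample request shows why a host allowlist alone is not enough: the request goes to an approved host, and only the canary check catches it.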

About Card Skimming 

Card skimming is an attack where a harmful device is deployed at the point of an authorized transaction to steal financial credentials. In the real world, skimming devices are attached to the card slots of ATMs or gas pump payment terminals to capture data encoded on the card's magnetic stripe. These generally come with a PIN pad or small cameras meant to steal the PINs typed by users. 

Chip-based cards, which use encryption along with other transaction authentication and verification features, are meant to counter such types of card attacks. "Web skimming groups use sophisticated techniques to make their keylogging code hard to detect. The code can be heavily obfuscated and added to existing JavaScript files or even stored in other types of resources such as CSS or even embedded into images or it can be hosted on third-party domains," writes CSO.

Hiding ATM Pad Gives Less Protection Against Attackers: States Research

 

While using a credit card or cash card for money withdrawal from an ATM, users must provide their unique PIN. A careful individual might conceal the keypad with their hand as they input it so that nobody else learns their PIN, although even if they hide the keypad with their hand, it is possible to predict the PIN with good accuracy using a machine learning technique. 

Recently, investigations have indicated that it is viable to program a special-purpose deep-learning system to predict 4-digit card PINs 41% of the time, even when the victim is shielding the keypad with their hands. The attack necessitates the establishment of a copy of the target ATM since training the algorithm for the exact size and key spacing of the various PIN pads is critical. 

Utilizing footage of individuals inputting PINs on the ATM pad, the machine-learning model is then taught to detect pad presses and give particular probability on a set of possibilities. The researchers collected 5,800 recordings of 58 different people from various demographics inputting 4-digit and 5-digit PINs for the research. 

The prediction model was run on a Xeon E5-2670 with 128 GB of RAM and three Tesla K20m GPUs with 5 GB of RAM each. This is not a typical system, but it is probably within a reasonable cost range. 

The researchers rebuilt the right sequence for 5-digit PINs 30 percent of the time using three tries, which is generally the maximum allowed number of attempts before the card is blocked, and 41 percent of the time for 4-digit PINs. 

The model may omit keys based on non-typing hand coverage and derive pushed digits from other hand motions by calculating the topological distance between two keys. 

The positioning of the camera that catches the attempts is critical, particularly when filming left or right-handed people. The attacker concluded that concealing a pinhole camera at the top of the ATM was indeed the best choice. However, if the camera can capture audio as well, the model might employ pressing sound feedback that is slightly different for every digit, making the estimates much more precise. 

This experiment demonstrates that concealing the PIN keypad with the other hand is insufficient to guard against deep learning-based assaults, but there are several alternatives one may use. 

For instance, if the bank allows users to select a 5-digit PIN rather than a 4-digit PIN, go with the lengthier one. It will be more difficult to remember, but it is far more secure against any such attacks. Furthermore, the proportion of hand covering considerably reduces prediction accuracy. A coverage ratio of 75% results in an accuracy of 0.55 for each trial, whereas entire coverage (100%) results in an accuracy of 0.33. 

Another alternative would be to provide customers with a virtual and randomized keypad rather than the conventional mechanical one. This has unavoidable usability problems, but it is a great security precaution.

Two Belarusian Arrested in Black Box ATM Attack

 

The Polish authorities have detained two individuals committing so-called ‘Black Box’ attacks, targeting ATMs, whereby criminal offenders attach electronic devices to cash machines and electronically force them into spraying all the money. The Polish authorities did this with the assistance of Europol. 

Following the ATM 'jackpotting' attack, which fraudulently led cash machines throughout Europe to deliver Euro 230,000 ($273,000), two Belarusian residents have been arrested. 

According to a press statement released on July 29 by Europol, criminals gained access to ATM cables by piercing or mounting pieces, and then physically connected the equipment to a laptop. This was then used to send relay commands to dispense all of the cash in the ATM. 

An ATM black-box attack is a type of ATM cash-out, a fraud against the financial system in which the culprit bores holes in the top of the cash machine to obtain access to the internal infrastructure of the ATM. The money dispenser of the ATM is then connected to an outside electronic device, or black box, which employs native ATM commands to discharge money, circumventing the necessity for a card or transaction authorization. 

Coordinated by the EU Law Enforcement Agency and its Joint Cyber-Crime Action Task Force (J-CAT), the investigation highlighted that dozens of such "Blackbox" attacks have been committed by criminals in at least seven countries in Europe. 

The hackers attacked only a certain ATM model, Europol stated. In its assessment, the agency declined to disclose the specific cash machine brand susceptible to the attack technique. Meanwhile, the Polish police detained both suspects in Warsaw, Poland on 17 July. The investigation also engaged German, Austrian, Swiss, Slovak, and Czech law enforcement authorities. 

While ATMs are indeed a lucrative target, they often have major physical and virtual weaknesses. ATM vulnerabilities have been a frequent issue since hacker Barnaby Jack made an ATM dump all its money on stage at the Black Hat USA security conference in 2010.

Colombian Woman Purloins Rs 17.71 Lakh from SBI ATM

Colombian Woman purloin Rs 17.71 Lakh from SBI ATM

 

Bengaluru Police have confronted a newly growing crime that goes under the name ATM fraud. In this ATM fraud, the actors steal the money from the ATM by fixing a device and hacking the bank’s servers with their master dupe. Recently, a Colombian woman has been accused of this fraud. She was held for defrauding the State Bank of India (SBI) of Rs. 17.71 lakh with her dupe. The case was registered in Hegdenagar, Northeast Bengaluru, India. 

The incident was first noticed by a manager of SBI, Sushil Kumar Singh, when he received an unusual call from a man who said that he had received Rs. 1 lakh while he was trying to withdraw Rs. 1,500 from the local SBI ATM at Hegdenagar. The incident was reported to the Sampigehalli Police on the 11th of January. 

Upon hearing the situation from the caller, Sushil Singh and his colleagues went to the affected ATM right away and started investigating. The first thing that he did was to switch off all the ATMs at the kiosk as a precautionary measure, so that the other ATMs would not be targeted by the actor. The next morning he found that a device was attached to the cash deposit machine (CDM) at the kiosk. Further in the investigation, scrutiny of the cash balance receipt revealed that Rs 17,71,500 was missing from the ATM. 

Later, the bank staff checked the CCTV footage of the ATM as well as the neighboring areas. From the footage, they concluded that a woman had walked into the ATM at about 2.25 pm on the 11th of January and had fixed the device to the CDM. The Sampigehalli police evaluated the clues, which helped them to track and arrest the woman behind the fraud, Leidy Stefania Munoz Monsalve, aged 23, on Friday. 

The device that was fixed to the CDM works by hacking the bank’s servers connected to the ATM, which enables the actors to withdraw the money stored into the kiosk. However, the Police have recovered the stolen money from the ATM. The police mentioned that “The Hegdenagar case, along with three others from Banaswadi, Halasuru, and Nelamangala, appears to be her first foray in cybercrime”.

Currently, Monsalve is in custody for further investigation. This is not the first time that Monsalve has been arrested; she has been part of thefts earlier as well, but was released on bail.

Black Box: A New ATM Attack that Diebold Nixdorf Warns Of


A unique kind of ATM attack called "Black Box" has come to the surface. ATM developer Diebold Nixdorf warns the financial sector to stay on alert. The attack was widespread across Europe recently. The Black Box ATM attacks are similar to jackpotting, in which hackers make ATMs dispense cash in piles. In jackpotting, hackers either install malware on the ATM or use a black box instead.

"Some of the successful attacks show a new adapted Modus Operandi on how the attack is performed. Although the fraudster is still connecting an external device, at this stage of our investigations, it appears that this device also contains parts of the software stack of the attacked ATM," says Diebold.


In the case of black-box attacks, the hacker tampers with the ATM's external casing and gets access to the port. The hacker can also put a hole in the machine to find internal wires and connectors. Once the hacker has access, he connects the black-box with the ATM through a laptop, building a connection with the internal systems. After this, the hacker then has control over the command options and uses it to dispense cash out of the ATM.

These kinds of jackpotting attacks on ATMs have happened for a decade. They have been popular among gangs, as the method is very cost-effective and profitable. Jackpotting attacks are more straightforward than cloning cards, ATM skimming, and laundering money, which consume quite a lot of time. Another reason for the popularity of black-box attacks is that amateur hackers don't have to spend a lot of money to get a black box. One can purchase a device and launch an ATM attack without having to spend a lot of time.

"In recent incidents, attackers focus on outdoor systems and are destroying parts of the fascia to gain physical access to the head compartment. Next, the USB cable between the CMD-V4 dispenser and the special electronics, or the cable between special electronics and the ATM PC, was unplugged. This cable is connected to the black box of the attacker to send illegitimate dispense commands," says Diebold on its website.

State Bank of India Issues Warning of Juice Jacking


In recent months there has been a rise in cyber-frauds, with people losing money on online payments or digital transactions. As digital transactions increase, hackers get more and more creative in their ways of siphoning money. Cons where people accidentally reveal OTPs and PINs have become quite common, but now a new malware has shown up. As such, the country's prominent bank, State Bank of India, issued a warning against Juice Jacking, also known as the USB charging scam.


It is a new technique that infects mobile phones with malware when they are connected to public charging ports and steals their personal information.

What is Juice Jacking?

Juice Jacking is stealing your personal information via a USB port. Hackers have developed a benign-looking, USB-port-like gadget that is attached to charging sockets at public places. Once the user connects their phone to this charging device, the USB port infects the phone with malware. The malware then becomes active and sends personal information like contact details, emails, messages, photos, private videos, and sensitive financial credentials to the hacker. The miscreant then uses this information to siphon the user's money.

The media reports, "Hackers adjust ports on these charging stations with sophisticated USB-like widgets that don’t look unusual for most. Once a user connects to one of these malicious ports, the device bypasses the phone’s security to steal the contents of the phone, including bank details, emails, messages, photos, and private videos, by injecting malicious software." Weeks earlier California Los Angeles County District Attorney department also issued a similar warning of Juice Jacking to locals and travelers.

Now, SBI also warns people not to charge their phones and other devices from public charging ports at stations and airports.

How to protect your phone? 

  • Don't ever plug your phone into USB charging ports.
  • Always use two-pin AC electrical outlets.
  • Better bring your own charger or power bank, as prevention is better than cure.
  • Avoid charging your phone at a public place like a metro station.