A clever new method of hacking cash machines has been uncovered by security researchers, one involving both physical and virtual crimes working in perfect harmony.
The scam, according to Kapersky, requires two operatives. A mule on the street, withdrawing physical money from cash points, plus a virtual accomplice to handle the complicated back-end business.
It's the back-end stuff that's so clever about this ruse. Once the cash has been withdrawn, the hacker, sitting snug at home in his black hooded top, accesses the bank's systems to simply cancel the transaction. This tricks the bank's systems into crediting the withdrawn balance back to the account it was just taken from, leaving the man on the street to take the card to another machine and empty the account once more.
The researchers explain how the hack was initiated, saying: "The malware, used exclusively by the Metel group, infected the bank’s corporate network via e-mail and moved laterally to gain access to the computers within the bank’s IT systems," from where it was able to grant access to systems that allowed the automating of the rollback of transactions.
Kapersky says it found evidence of the Metel malware in around 30 financial institutions in Russia, where ATMs in some areas were emptied of cash in a series of overnight raids. [Kapersky via The Register]