It would be like playing a slot machine that you cannot lose. The more you play, the more money spills out. Or at least until the machine goes dry.
That’s just how thieves made off with millions in Russia. How did they do it? Malware. Or to be more specific — a malware known as “Metel” that can make the ATM withdrawals go “back in time” by automatically rolling back ATM transactions shortly after being made, resetting the card balance. Likewise, the “daily limit” or other security measures are never reached, or so the machine thinks.
This story comes out of the Kaspersky Security Analyst Summit going on in Tenerife, Spain. SAS is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and members of the security research community. They gather to learn, debate, share and showcase cutting-edge research, new technologies and discuss ways to improve collaboration in the fight against cyber-crime.
This blog tells how the criminals did it, in simple terms, as told by security researchers with Kaspersky Lab, the security firm that uncovered the Metel attack platform:
The criminals successively infected computers of bank employees either with the help of spear phishing emails that included malicious executable files or through targeting a browser vulnerabilities. Once inside the network they used legitimate software to hack other PCs until they reached the device they were looking for — the one that had access to money transactions. For example, these were PCs of call center operators or the support team.
As a result, each time when criminals picked up the money from a card of the compromised bank in an ATM of another bank, infected system automatically rolled back the transactions. That’s why the balance on the cards remained the same, allowing the cybercriminal to withdraw money limited only by the amount of cash in the ATM. The criminals made similar cash-outs at different ATM machines.
Read more Dozens of banks lose millions to cybercriminals attacks.
Subscribe in the sidebar!
Disclosure of Material Connection: Some of the links in the post above are “affiliate links.” This means if you click on the link and purchase the item, I will receive an affiliate commission.
[11:12 AM, 3/1/2022] Br: posso roubar um beijinjo?
[11:12 AM, 3/1/2022] Br: beijinho
I’m an investor… I got a blank atm card that saved me from my financial crisis. I received this blank atm card from a professional hacker whose name is WESLEY MARK. The card can be use to withdraw at least $5,000 daily from any atm. So far so good the card is working perfectly and i have withdrawn $750,000 already. Furthermore, the atm card is meant to help the poor and needy people although it’s illegal, nobody gets caught and it has helped my finances. I’m sharing this information on how i got this atm card with everyone because this… Read more »
i am here to share this message of greatness to only those who will seize the opportunity life will offer to become somebody great and actualize their dreams. I’m so happy I got mine from Georg Bednorz, my blank ATM card can withdraw $3,000 dollars daily. I got it from Him last week and now I would get over $50000 dollars monthly. The blank ATM withdraws money from any ATM machines and there is no name on it, it is not traceable and now i have money for business and enough money for me and my family to live on… Read more »
I’m a truck driver. I got a blank atm card that saved me from my financial crisis. I received this blank atm card from a professional hacker whose name is Wesley Mark. The card can be use to withdraw at least $5,000 daily from any atm. So far so good the card is working perfectly and i have withdrawn $750,000 already. and i also bought 2 bitcoins from the bitcoin ATM. Furthermore, the atm card is meant to help economic crisis and needy people although it’s illegal, nobody gets caught and it has helped my finances. I’m sharing this information… Read more »
[…] Banking Hack Allowed Unlimited ATM Withdrawals […]