Atm Hack Codes 2017 South Africa
Cash machines are so easy to hack it can be done in just five minutes, a security expert has revealed.
Most cash machines are essentially Windows XP computers attached to a safe, according to the expert from Positive Technologies.
If attackers drill a hole in the front they can access a USB cable and dispense money.
If a hacked machine collects an individual's card details they can spread your data around a network of ATMs and dispense your money without you having any idea.
Scroll down for video
The attacker first drills a hole in the front of the machine where the keypad is (pictured). Behind this is a USB port which they can use to get into the machine
ATM HACKS
Most cash machines are essentially Windows XP computers attached to a safe meaning if attackers can drill a hole in the front they can access a USB cable release a user's cash.
For security reasons the video does not show how to remove the cash after finding the USB cable but the process takes just one minute.
To help protect yourself experts suggest using an ATM in a bank with security cameras on them.
Leigh-Anne Galloway, a security expert with Positive Technologies, showed BBC how to hack an ATM made by Georgian-based company NCR - one of the largest makers of the machine.
The attacker first drills a hole in the front of the machine where the keypad is.
Behind this is a USB port.
'It's just a safe with a computer on top', Ms Galloway told BBC Click's Spencer Kelly.
For security reasons the video does not show how to remove the cash after finding the USB cable but the process takes just one minute.
'So you could put malware on this system that could collect data from cards as well', she said.
Share this article
'So that would be information that's held on our cards as well. So if I as a consumer am using this machine it could collect my card data'.
'And that could spread around the whole network of ATMs', she said.
To help protect yourself experts suggest using an ATM in a bank with security cameras on them.
Leigh-Anne Galloway, a security expert with Positive Technologies, showed BBC how to hack an ATM made by Georgian-based company NCR - one of the largest makers of the machine
'NCR provides its customers with comprehensive recommendations and security defenses to address these challenges – we help our customers prevent attacks, and help them to assess and improve their security infrastructure', a NCR spokesperson told MailOnline.
'ATM security threats are becoming more complex and sophisticated, and thus securing one’s infrastructure and endpoints is a never-ending task.
'Banks as ATM deployers must make security a high priority and stay current with all security defences, operating system upgrades, and industry recommendation', they said.
Last year it was revealed that cyber criminals had remotely attacked cash machines in more than a dozen countries across Europe.
Last year it was revealed that cyber criminals had remotely attacked cash machines in more than a dozen countries across Europe (stock image)
CYBER CRIMINALS AND CASH MACHINES
Last year it was revealed that cyber criminals had remotely attacked cash machines in more than a dozen countries across Europe.
A February 2016 attack on servers at Bangladesh's central bank that controlled access to the SWIFT messaging system yielded more than $81 million (£64.95 million) in one of the biggest digital heists on record.
Disclosure of the campaign follows two ATM hacks in July 2016: $2.5 million (£2 million) was stolen from Taiwan's First Bank and $350,000 (£280,000) from Thailand's state-run Government Savings Bank.
Hackers remotely infected ATMs at both banks, forcing them to spit out cash that was collected by teams of 'money mules,' who authorities say travelled to Asia from Eastern Europe.
The cyber criminals are using malicious software that forces machines to spit out cash, according to Russian cyber security firm Group IB.
The heists across Europe follow the hacking of ATMs in Taiwan and Thailand that were widely reported last summer.
Dmitry Volkov, head of threat intelligence with Group IB, told Reuters in November last year he expects more heists on ATMs.
Hackers have moved from stealing payment card numbers and online banking credentials to more lucrative hacks on bank networks, giving them access not only to ATM machines, but also to electronic payment networks.
A February 2016 attack on servers at Bangladesh's central bank that controlled access to the SWIFT messaging system yielded more than $81 million (£64.95 million) in one of the biggest digital heists on record.
Disclosure of the campaign follows two ATM hacks in July 2016: $2.5 million (£2 million) was stolen from Taiwan's First Bank and $350,000 (£280,000) from Thailand's state-run Government Savings Bank.
Hackers remotely infected ATMs at both banks, forcing them to spit out cash that was collected by teams of 'money mules,' who authorities say travelled to Asia from Eastern Europe.
MORE REASONS TO UPGRADE
HARDWIRED Malware for ATMs
- Connect a mobile phone to the machine with a USB cable and install Ploutus Malware.
- The attacker sends two SMS messages to the mobile phone inside the ATM.
- SMS 1 contains a valid activation ID to activate the malware
- SMS 2 contains a valid dispense command to get the money out
- Mobile attached inside the ATM detects valid incoming SMS messages and forwards them to the ATM as a TCP or UDP packet.
- Network packet monitor (NPM) module coded in the malware receives the TCP/UDP packet and if it contains a valid command, it will execute Ploutus
- Amount for Cash withdrawal is pre-configured inside the malware
- Finally, the hacker can collect cash from the hacked ATM machine.