1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

More ATM “Insert Skimmer” Innovations

Discussion in 'KrebsonSecurity' started by RSS, Sep 10, 2015.

  1. RSS

    RSS New Member Member

    Most of us know to keep our guard up when withdrawing cash from an ATM and to look for any signs that the machine may have been tampered with. But ATM fraud experts say they continue to see criminal innovations with “insert skimmers,” wafer-thin data theft devices that fit inside the ATM’s card acceptance slot and do not alter the outward appearance of a compromised cash machine.

    The insert skimmer pictured below was recently pulled from an ATM in Europe. According to a report by the European ATM Security Team (EAST), this type of device is inserted through the card reader throat and then sits inside the card reader capturing the data of cards that are subsequently inserted.

    [​IMG]
    An insert skimmer. Image: EAST.


    Of course, an insert skimmer alone isn’t going to capture your PIN. For that, thieves typically rely on cleverly hidden tiny cameras. Often, the spy camera is tucked inside a false panel above or directly beside the PIN pad. But as I’ve noted in stories about skimming attacks that never touch the ATM (such as vestibule door skimmers), crooks often get very creative, hiding cameras behind things like convex mirrors — or even phony fire alarms.

    The image below was captured last year by a U.S.-based bank’s own ATM security camera. It shows a skimmer scammer getting ready to install a tiny camera hidden inside of a fake fire alarm.

    [​IMG]
    Hidden cameras made to work in tandem with skimming devices need not be hidden on the compromised ATM itself.


    Broken record alert: Consumers can foil the vast majority of skimming attacks merely by covering the PIN pad with their hand when entering their PIN: That way, even if the thieves somehow skim your card, there is less chance that they will be able to snag your PIN as well. You’d be amazed at how many people fail to take this basic precaution. Yes, there is still a chance that thieves could use a PIN-pad overlay device to capture your PIN, but in my experience these are far less common than hidden cameras (and quite a bit more costly for thieves who aren’t making their own skimmers).

    I also wanted to share an update on a relatively new form of skimming that I first wrote about in November 2014 known as “ATM wiretapping” attacks. These schemes involve a so-called “wiretapping” device that is inserted through a tiny hole cut in the cash machine’s front. The hole is covered up by a fake decal, and the thieves then use custom-made equipment to attach the device to ATM’s internal card reader.

    [​IMG]
    ATM wiretapping thieves cut a hole in vertical face of the ATM to the left of the card reader facing the screen. Source: EAST.


    According to EAST, six countries reported ATM wiretapping attacks. “Typically such devices have been installed through holes drilled (or melted) below or to the right of the card reader entry throat,” EAST notes. We can see the hole drilled by the thieves in the attack on the ATM pictured above, which was covered up by the phony decal shown here removed and resting to the right of the PIN pad:

    Finally, EAST’s report has an update on another type of ATM attack that is alarmingly more common these days: Those in which crooks use gas or solid explosives to blow cash machines to smithereens. Banks in at least 11 countries reported attacks on ATMs involving explosive gas, according to EAST’s latest report in July.

    [​IMG]
    Some ATM makers are blowing up their own cash machines to figure out how to make them more resistant to explosive attacks.


    “Two countries reported significant increases in such attacks, and another country reported extensive collateral damage to buildings and nearby ATMs,” EAST’s Lachlan Gunn wrote. “Two countries also reported attacks using solid explosives. One of them reported that criminals perpetrating explosive attacks (gas and solid) are getting more violent and are employing para-military type tactics and weapons.”

    Such attacks are becoming so common that some ATM makers are actually blowing up their own cash machines in test environments to see how they can be hardened with countermeasures. The image to the right shows the aftermath of one such test.

    Fortunately, I’m not aware of any reports yet of paramilitary hoodlums lobbing grenades or blasting bazookas at U.S.-based ATMs…yet.

    On that note, as this and other insert skimmer attacks show, it’s getting tougher to spot ATM skimming devices: It’s best to focus instead on protecting your own physical security while at the cash machine. If you visit an ATM that looks strange, tampered with, or out of place, try to find another ATM. Use only machines in public, well-lit areas, and avoid ATMs in secluded spots. Also, if you have the choice between using a free-standing ATM and one that is located inside of or attached to a bank, the latter is usually a safer bet.

    Further reading:

    Stealthy, Razor Thin ATM Insert Skimmers

    The Rise of Thin, Mini and Insert Skimmers

    More on Wiretapping ATM Skimmers

    ATM Skimmers Get Wafer Thin

    Skimmer Story Archive: All About Skimmers

    Continue reading...
     

Share This Page