A cybercrime expert said all you need is a RM100 chip, some technical knowledge and free malware obtained over the Internet to hack Automated Teller Machines (ATMs).Speaking exclusively to FMT in regard to the recent hacking of 17 ATMs, he said, “What you need is a mastermind, a RM100 computer chip and possibly a bank ‘insider’ to execute the attacks.”
Explaining the intricacies of the hacking, he said, “He (the hacker) will know where the locks and connections are, the model of the machine, the level of security and the version of the operating system.”He added that the mastermind would then employ someone else to do the work.He pointed out, “The guys caught on the CCTV are not the actual criminals.
ATMs at three more bank branches have been hacked and almost RM450,000 (S$175,000) stolen as police launched a nationwide hunt for the Latin American suspects responsible for the thefts.The spate of ATM hacks continued with the United Overseas Bank (UOB) branch in Jalan Imbi yesterday reporting a RM92,900 theft by one of the hackers.
Statistics from industry bodies provided by Lau’s firm revealed that Malaysia had an average of 17.66 phishing sites per 1,000 host computers, three times higher than the global average of five per 1,000 host computers.Lau said banks in Malaysia had a “basic layer” of protection for their online and mobile banking platforms, but added banks needed to respond accordingly as threats are becoming more sophisticated.
While acknowledging that the lack of technology upgrades could be a contributing factor to the security systems breach, the expert also believed the lackadaisical attitude of banks was the underlying reason for the spate of ATMs hackings.The expert also highlighted several other weaknesses that surfaced. Among them were the use of outdated ATM operating systems like Windows XP. Banks have been taking things for granted because nothing like this has ever happened before.
Latest posts by William Fieldhouse (see all)
- A John McAfee-Backed ICO Exposed Thousands of Peoples Documents Due to Security Blunder - April 26, 2018
- Latest Hacking News Podcast #13 - April 17, 2018
- Latest Hacking News Podcast #12 - April 16, 2018