Hacking News DX_ATM_hacked

Published on December 24th, 2014 | Post Views: 3,487  HitsPost Views

6

Gang Hacked ATMs from Inside Banks

An organized gang of hackers from Russia and Ukraine has broken into internal networks at dozens of financial institutions and installed malicious software that allowed the gang to drain bank ATMs of cash. While none of the victim institutions were in the United States or Western Europe, experts say the stealthy methods used by the attackers in these heists would likely work across a broad range of western banks.

▼Advertisment

Most cybercrime targets consumers and businesses, stealing account information such as passwords and other data that lets thieves cash out hijacked bank accounts, as well as credit and debit cards. But this gang specializes in hacking into banks directly, and then working out ingenious ways to funnel cash directly from the financial institution itself.

▼Advertisment

A number of the gang’s members are believed to be tied to a group of Eastern European hackers accused of stealing more than USD $2 million from Russian banks using a powerful, custom-made banking trojan known as Carberp. Eight men in Moscow were arrested in 2012 and accused of building and using Carberp, but sources say the core members of the gang were out of jail within hours after their arrest and have been busy rebuilding their crime machine ever since.

▼Advertisment

According to report released today by Fox-IT and Group-IB, security firms based in The Netherlands and Russia, respectively, the Carberp guys have since changed their tactics: Instead of stealing from thousands of bank account holders, this gang has decided to focus on siphoning funds right out of banks’ coffers. So far, the security firms report, the gang has stolen more than $15 million from Eastern European banks.

To gain a foothold inside financial institutions, this crime group — dubbed the “Anunak group” — sent bank employees targeted, malware-laced emails made to look like the missives were sent by Russian banking regulators. The phishing emails contained malicious software designed to exploit recently-patched security holes in Microsoft Office products.

▼Advertisment

Incredibly, the group also reportedly bought access to Windows PCs at targeted banks that were already compromised by opportunistic malware spread by other cyber criminals. Indeed, Fox-IT and Group-IB report that the Anunak gang routinely purchased installations of their banking malware from other cybercriminals who operated massive botnets (collections of hacked PCs).

Once inside a financial institution, the criminals typically abused that access to launch even more convincing spear-phishing attacks against other banks. They also gained access to isolated bank network segments that handled ATM transactions, downloading malicious programs made to work specifically with Wincor ATMs. The hackers used that malware — along with a modified legitimate program for managing ATM cash trays — to change the denomination settings for bank notes in 52 different ATMs.

▼Advertisment

As a result, they were able to make it so that when co-conspirators went to affected ATMs to withdraw 10 bills totaling 100 Russian rubles, they were instead issued 10 bank notes with the denomination of 5,000 rubles, the report notes.

It was bad enough that this group is believed to have hacked into more than 50 Russian banks, but nasty messages encoded into the malware tools employed by the thieves suggest they hold utter contempt for their targets. One malware component the group used to infect targeted systems carried inside of itself the text string “LOL BANK FUCKIUNG”. Another strain of malware deployed by this group’s targeted email campaigns and used to build their own botnet of more than a quarter-million PCs was encrypted with a key that is the MD5 hash of the string “go fuck yourself.”

While they appear to have developed a penchant for stealing directly from banks, these crooks aren’t above going after easy money: Sources tell that this group of hackers is thought to be the same criminal gang responsible for several credit and debit card breaches at major retailers across the United States, including women’s clothier Bebe Stores Inc., western wear store Sheplers, and office supply store Staples Inc.

▼Advertisment

A separate source previously told this author that there was a connection between the point-of-sale malware used in the breach at Michaels and the Staples incident, which means this group may also have been involved in the Michaels breach. In any case, Group-IB and Fox-IT note that the Anunak gang has hit a total of 16 retailers so far.

The attacks from Anunak showcase once again how important it is for organizations to refocus more resources away from preventing intrusions toward detecting intrusions as quickly as possible and stopping the bleeding. According to the report, the average time from the moment this group breaks into bank internal networks and the successful theft of cash is a whopping 42 days.

The full report on the Anunak group is available here (PDF).












6 Responses to Gang Hacked ATMs from Inside Banks

  1. SeattleChaz says:

    DAMN it! You just had to include the Deus Ex ATM hack image, didn’t you? Now I have to reinstall it – again! 🙂

  2. micheal clinton says:

    BE SMART AND BECOME RICH IN LESS THAN 3DAYS….It all depends on how fast
    you can be to get the new PROGRAMMED blank ATM card that is capable of
    hacking into any ATM machine,anywhere in the world. I got to know about
    this BLANK ATM CARD when I was searching for job online about a month
    ago..It has really changed my life for good and now I can say I’m rich and
    I can never be poor again. The least money I get in a day with it is about
    $50,000.(fifty thousand USD) Every now and then I keeping pumping money
    into my account. Though is illegal,there is no risk of being caught
    ,because it has been programmed in such a way that it is not traceable,it
    also has a technique that makes it impossible for the CCTVs to detect
    you..For details on how to get yours today, email the hackers on : (
    atmmachineworldhackers@gmail.com ). Tell your
    loved once too, and start to live large. That’s the simple testimony of how
    my life changed for good…Love you all …the email address again is ;
    atmmachineworldhackers@gmail.com <atmmachineworldhackers@gmail.com

  3. Kenneth says:

    Hello friend, my name is Mr Kenneth Dana i want to share my testimony on how i got my BLANK ATM card which have change my life today. i was once living on the street where by things were so hard for me, even to pay off my bills was very difficult for me i have to park off my apartment and start sleeping on the street of Vegas. i tried all i could do to secure a job but all went in vain because i was from the black side of America. so i decided to browse through on my phone for jobs online where i got an advert on Hackers advertising a Blank ATM card which can be used to hack any ATM Machine all over the world, i never thought this could be real because most advert on the internet are based on fraud, so i decided to give this a try and look where it will lead me to if it can change my life for good. i contacted this hackers and they told me they are from Australia and also they have branch all over the world in which they use in developing there ATM CARDS, this is real and not a scam it have help me out. to cut the story short this women who were geeks and also experts at ATM repairs, programming and execution who taught me various tips and tricks about breaking into an ATM Machine with a Blank ATM card.i applied for the Blank ATM card and it was delivered to me within 3 days and i did as i was told to and today my life have change from a street walker to my house, there is no ATM MACHINES this BLANK ATM CARD CANNOT penetrate into it because it have been programmed with various tools and software before it will be send to you. my life have really change and i want to share this to the world, i know this is illegal but also a smart way of living Big because the government cannot help us so we have to help our self. if you also want this BLANK ATM CARD i want you to contact her on email via; {marceatmhackers@gmail.com}

  4. mr brown says:

    I have help a lot, this is one of my client I help.
    Hello friend, i want to share my testimony on how i got my BLANK ATM card which have change my life today. i was once living on the street where by things were so hard for me, even to pay off my bills was very difficult for me i have to park off my apartment and start sleeping on the street of Vegas. i tried all i could do to secure a job but all went in vain because i was from the black side of America. so i decided to browse through on my phone for jobs online where i got an advert on Hackers advertising a Blank ATM card which can be used to hack any ATM Machine all over the world, i never thought this could be real because most advert on the internet are based on fraud, so i decided to give this a try and look where it will lead me to if it can change my life for good. i contacted this hackers and they told me they are from Australia and also they have branch all over the world in which they use in developing there ATM CARDS, this is real and not a scam it have help me out. to cut the story short this men who were geeks and also experts at ATM repairs, programming and execution who taught me various tips and tricks about breaking into an ATM Machine with a Blank ATM card.i applied for the Blank ATM card and it was delivered to me within 3 days and i did as i was told to and today my life have change from a street walker to my house, there is no ATM MACHINES this BLANK ATM CARD CANNOT penetrate into it because it have been programmed with various tools and software before it will be send to you. my life have really change and i want to share this to the world, i know this is illegal but also a smart way of living Big because the government cannot help us so we have to help our self. if you also want this BLANK ATM CARD i want you to contact the Hackers email,mrbrownhacker@hotmail.com or call me on my number +2347038566755 and you life will never remain the same,

  5. Jode Steve says:

    What everyone is saying about these cards is true. Listen I was almost homeless.
    I got one of these cards and at first I was skeptical, yea right this stuff works?
    But I put the card in the atm and entered some pins and just like that I had $1,500!
    My family and I can finally live and eat great! I found a way to duplicate the cards. If you want freedom like me contact at jodesteve@yahoo.com

  6. lambert says:

    I am Mr. Lambert Harold, i want to use this medium to thank Mr. Smith Greg who helped me with an already hacked ATM CARD and i was so poor without funds that i got frustrated. One morning as i was browsing on the internet, i saw different comments of people testifying of how Mr.Smith Greg helped him from being poor to a rich man through this already hacked ATM CARD. I was skeptical if this was true, i decided to contact one of the people giving this testimony to see proof before i contact this hackers, and they proved to me beyond all doubts that its was really for real so i urgently contacted the email {Hackedatmcard.atmdelivery@gmail.com}, and today am also testifying on how Mr. Smith Greg helped me. I never believed in it until the card was sent to me, which am using today if you want to confirm from me how he helped me this is my email address; lambertharoldflx@gmail.com. Contact Mr Smith Greg and become rich. Email: Hackedatmcard.atmdelivery@gmail.com

Leave a Reply

Back to Top ↑