Hacking the Cash Machine

ost of the ATM skimmers I’ve profiled in this blog are comprised of parts designed to mimic and to fit on top of existing cash machine components, such as card acceptance slots or PIN pads. But sometimes, skimmer thieves find success by swapping out ATM parts with compromised look-alikes.

ATM Card skimmer, using modified ATM component

On May 16, 2009, a company representative from ATM maker Diebold was servicing an ATM at a Bank of America branch in Sun Valley, Calif., when he discovered a skimming device and a camera that were attached to the machine. The technician took pictures of the camera and card skimmer (click picture at right for larger image), and then went into the branch to contact his supervisor.

But when the Diebold employee returned, the camera had been removed from the ATM, suggesting that the skimmer scammer was lurking somewhere nearby and had swooped in to salvage his remaining equipment. This is similar to what happened when an ATM technician discovered a compromised ATM a year ago.

Investigators of the present scam learned that the thief had somehow pried off the plastic cover of the ATM’s card acceptance slot and replaced it with an identical, compromised version that included a modified magnetic stripe reader and a flash storage device. The new card slot came with its own clear plastic face that was situated in front of the plastic one that was already attached to the ATM’s internal card reader (see picture below). The entire fraudulent device was glued onto the ATM with silicon.

Real card reader and skimmer overlayBelow are a few close-ups of the silicon-based magnetic stripe reader attached to the compromised card acceptance slot overlay.

A close-up of an ATM card skimmer

Here’s a closer look at the electronics inside this handmade reader:

A close-up of an ATM card skimmerThe camera was in a trim piece that was attached above the PIN pad, cleverly designed to match the rest of the ATM in color and contour. Although the camera was removed by the thief, investigators said the trim piece was similar to a hidden camera found attached to an identical ATM at a Washington Mutual bank branch in the area.

Backside of hidden camera for ATM skimmer

In other skimmer cases, ATM thieves also have been known to hack apart and modify portions of the ATM. Last week, the Palm Beach Sun Sentinel published a story about crooks in Boynton Beach, Fla. who have been cutting the bottom of ATM card readers to remove the microchip inside and replace it with their own battery-operated card reader.

If you visit a cash machine that looks strange, tampered with, or out of place, then try to find another ATM. And remember, the most important security advice is to watch out for your own physical safety while using an ATM: Use only machines in public, well-lit areas, and avoid ATMs in  secluded spots. Also, cover the PIN pad with your hand when entering your PIN: That way, if even if the thieves somehow skim your card, there is less chance that they will be able to snag your PIN as well.

Secure Banking with Linux

Linux Secure BankingThere is identity theft, credit card fraud, and many other things that can happen to you and your money if someone steals your information. Windows computers can have trojan viruses, key loggers, and other security holes on it that thieves can use to steal your information from your computer. You can purchase all kinds of expensive antivirus software, antimalware, etc. for your Windows computer and still become a victim of identity theft. You are in luck, there are ways you can prevent this almost free!
How to Prevent Becoming a Victim of Computer Fraud

You can easily run Linux! There are no viruses that are going to get installed on your Linux computer without you knowing. You would have to physically install the virus yourself and give the virus your root (administrator) password. Linux is also a lot more secure than Windows. So you won’t have to worry about someone cracking your passwords and getting into your computer’s information.