{"id":15164,"date":"2016-11-15T09:40:22","date_gmt":"2016-11-15T14:40:22","guid":{"rendered":"https:\/\/kasperskydaily.com\/b2b\/?p=6263"},"modified":"2022-05-05T04:32:01","modified_gmt":"2022-05-05T08:32:01","slug":"atm-attacks-4","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/atm-attacks-4\/15164\/","title":{"rendered":"Fake-processing ATM attack"},"content":{"rendered":"<p>We have already <a href=\"https:\/\/business.kaspersky.ru\/atm-attacks-1\/4201\/\" target=\"_blank\" rel=\"noopener nofollow\">written<\/a> about <a href=\"https:\/\/business.kaspersky.ru\/atm-attacks-2\/4257\/\" target=\"_blank\" rel=\"noopener nofollow\">several<\/a> <a href=\"https:\/\/business.kaspersky.ru\/atm-attacks-3\/4274\/\" target=\"_blank\" rel=\"noopener nofollow\">methods<\/a> of attacking ATMs. They have one prerequisite in common: Unauthorized persons must access the machines\u2019 hardware by means of a service key, which they obtain by various means. However, sometimes ATM operators themselves simplify the breach by leaving the banking machine\u2019s network equipment physically accessible. This <a href=\"https:\/\/krebsonsecurity.com\/2016\/07\/would-you-use-this-atm\/\" target=\"_blank\" rel=\"noopener nofollow\">example<\/a> is not unique, unfortunately.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Fake-processing #ATM attack. #security<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FV6pj&amp;text=Fake-processing+%23ATM+attack.+%23security\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Having access to the router, criminals can simply bring their own portable processing center (a minicomputer with specialized software installed), connect it to the ATM, insert any card, approve the transaction, and withdraw any amount of cash. It looks something like this:<\/p>\n<p>\u00a0<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/nRbqBLBlLLs?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p>\u00a0<\/p>\n<p>Unfortunately, that kind of vulnerability is more common than you might think, although the heart of the problem remains the inadequate security in the bank systems, which fail to recognize the counterfeit processing center substitutes. And attackers don\u2019t even need access to the cable \u00a0\u2014they can open an ATM and connect their fake processing center using their own wiring. However, that\u2019s no excuse for leaving network equipment out in the open.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sometimes ATM operators make criminals\u2019 jobs easier by leaving banking machines\u2019 network equipment accessible.<\/p>\n","protected":false},"author":2706,"featured_media":16499,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[401,111,2477,97],"class_list":{"0":"post-15164","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-atm","10":"tag-attacks","11":"tag-processing","12":"tag-security-2"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/atm-attacks-4\/15164\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/atm-attacks-4\/4322\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/atm-attacks-4\/15164\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/atm-attacks-4\/15164\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/atm\/","name":"atm"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=15164"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15164\/revisions"}],"predecessor-version":[{"id":34797,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15164\/revisions\/34797"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/16499"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=15164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=15164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=15164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}