Mystery still surrounds a recent series of bank heists in Taipei, Taiwan.
Crooks apparently made off with NT$70,000,000 (more than US$2M) in a spate of fraudulent ATM withdrawals just over a week ago, leaving both the banks and investigators unsure quite what happened.
Usually, casher crews, who are the feet-on-the-street of the crooks behind banking cybercrime, take a stash of cloned cards and stolen PINs on a withdrawal spree, hitting ATM after ATM to suck hard cash out of unsuspecting users’ accounts.
But in the recent Taipei attack, no cards were inserted.
Apparently, the crooks jackpotted the ATMs in a series of cardless “transactions.”
Taiwanese authorities now say they are after two Russian nationals, who allegedly wore masks to try to dodge surveillance cameras.
They’re also alleged to have relied on malware implanted on the ATMs to provide a hidden feature to make the ATMs disgorge money without going through the usual transaction process.
They also carried out the attacks, whether by accident or design, while authorities were otherwise occupied by typhoon weather.
Unfortunately, it looks as though part of the reason the Russians are persons of interest in the investigation is that they left Taiwan on the Monday immediately following the fraudulent withdrawals.
That adds yet another layer of complexity to the case.
We can’t be sure, of course, that malware was involved, or, if it was, how the ATM network was breached.
But it’s always disappointing to hear of malware on specialised computers such as ATMs or cash registers, not least because you’d hope that trusted devices of that sort would be kept on a dedicated network of their own, to reduce their exposure to the rest of the world.
Sadly, as far as we can tell, that sort of network segregation seems to be the exception, rather than the rule.
If there’s a silver lining for customers, it’s the suggestion that the ATMs were reprogrammed to count out banknotes on demand, without linking the dispensed money to any account.
Of course, as a society, we all lose when this happens, but it sounds as though no individual customers will be left with phantom withdrawals posted against their accounts.
Want to segregate the computers on your own network? Personal laptops on one network, visitors on another, and IoT devices separate from both? The Sophos XG Firewall is 100% free for home use, including email scanning, web filtering, intrusion prevention, a VPN and much more.