Reverse ATM Fraud: How It Works

Uploaded on 2015-12-04 in NEWS-News Analysis, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

ATM%20Side%20Bar.jpgSource: www.alliedmarketresearch.com

Russian hackers have adopted a new technique, dubbed Reverse ATM Attack to steal Millions of dollars from ATMs of financial institutions.

According to the experts at security firm GroupIB, the Reverse ATM Attack allowed criminal rings in Russia to steal 252 Million Rubles (roughly US$3.8 Million) from at least five different banks.

The experts provided a detailed description of the Reverse ATM Attack. The attacker would deposit sums of 5,000, 10,000 and 30,000 Rubles into legitimate bank accounts using ATMs, and immediately withdraw the same amounts of money accompanied by a printed receipt of the payment transaction. At this point the hackers send the details included in the receipt, including the payment reference number and the amount withdrawn, to a partner who had remote access to the infected POS terminals. Usually the partner is an individual located outside of Russia.

The partner hacker would then use the details on the receipt to perform a reversal operation on a POS terminal that would lead them into believing that the withdrawals were cancelled, thereby tricking thousands of point-of-sale (POS) terminals in the US and in the Czech Republic.

From the perspective of the bank, it would appear the attempt to withdraw cash was failing, a circumstance that for example occurs when the bank account has insufficient funds.

The cash out process is made through a global “money mule” network that will transfer the money to the attacker’s bank account.

Security Affairs: http://bit.ly/1lTGhS2  Sky: http://bit.ly/1PLwjys  Securelist: http://bit.ly/1XamtFf

« ISIS Video Threatens US Capital
IBM's CEO On Hackers: 'Cyber Crime Is The Greatest Threat To Every Company In The World' »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Risk Policies

Cyber Risk Policies

CyberRiskPolicy.com is a joint venture between the Poindexter Surety Group of companies and Gibbs Cyber Security.

Internet Security Alliance (ISA)

Internet Security Alliance (ISA)

ISA is an international trade association providing thought leadership in advancing a sustainable system of cyber security.

Government Communications Headquarters (GCHQ)

Government Communications Headquarters (GCHQ)

GCHQ defends Government systems from cyber threat, provide support to the Armed Forces and strive to keep the public safe, in real life and online.

Venable

Venable

Venable is an American Lawyer 100 law firm with nine offices across the USA, Practice areas include Cybersecurity.

Ministry of Defence Georgia - Cyber Security Bureau

Ministry of Defence Georgia - Cyber Security Bureau

The aim of the Cyber Security Bureau is to establish and develop stable, effective and secure Information and Communication Technology systems for the Civil Office of MoD of Georgia.

SecuLution

SecuLution

SecuLution is an Antivirus product using Application Whitelisting which offers much more protection than Virus Scanners ever can.

TypingDNA

TypingDNA

TypingDNA uses AI to recognise people by the way they type on desktop keyboards and mobile devices.

IBLISS Digital Security

IBLISS Digital Security

How cyber-resilient is your business now? We help companies to continuously answer this never-ending C-level question.

LinkUp

LinkUp

LinkUp is a leading data-driven job search company. Every day we index millions of job openings directly from employer websites.

IP Twins

IP Twins

IP Twins offer a wide range of services related to domain names and online brand protection.

Adversa AI

Adversa AI

Adversa's mission is to build trust in AI and protect AI from cyber threats, privacy issues, and safety incidents.

MailChannels

MailChannels

MailChannels protects companies against malicious email threats. Used by 750+ hosting providers around the world.

Mondoo

Mondoo

Mondoo is a powerful security, compliance, and asset inventory tool that helps businesses identify vulnerabilities, track lost assets, and ensure policy compliance across their entire infrastructure.

Millennium Corporation

Millennium Corporation

For nearly two decades, Millennium Corporation has been operating on the leading edge of cybersecurity.

Cybecs Security Solutions

Cybecs Security Solutions

Cybecs was founded to address rapid technological advancement, changing business models, global privacy regulations, and increasing cyber threats for global organizations.

Alset Technologies

Alset Technologies

Alset Technologies provides DASH - a comprehensive solution to DISA STIG (Security Technical Implementation Guide) compliance.