Cybercriminals Refine ATM Data-Sniffing Software

BobB-nw writes "Cybercriminals are improving a malicious software program that can be installed on ATMs running Microsoft's Windows XP operating system that records sensitive card details, according to security vendor Trustwave. The malware has been found so far on ATMs in Eastern European countries, according to a Trustwave report. The malware records the magnetic stripe information on the back of a card as well as the PIN, which would potentially allow criminals to clone the card in order to withdraw cash. The collected card data, which is encrypted using the DES algorithm, can be printed out by the ATM's receipt printer, Trustwave wrote."

Re:DES

[mindbomb2323]

I am an ATM repair tech. and I can tell you that you are correct about the duress codes for people admining and there are several different ways that it can be done. I have never seen any type of gps tracker used because you would have to put it somewhere that they couldn't remove it and that would be in the vault but if you put it in there then how could you get reception. As far as using the duress code I don't think i would ever use it for the simple fact that it is a guaranteed way to become a hostage and I'm sorry but 160k of money that isn't even mine is not worth it. I still think skimmers with wifi will be the first choice for crooks because it is easy to do and hard to get cought. There are alot of banks that actually perm lock the desktop out so it makes it very hard to actually get access to it to load the malware. also on newer atms they have plates blocking the drives and the usb ports. The atms I see this stuff being pulled on are non bank atms, the kind you see with no company name in your gas stations and places like that.