Slashdot Mirror


Bank Employee Plants Malware on ATMs

Wired's Threat Level has a piece on a Bank of America employee, Rodney Reed Caverly, who has been charged with installing malware on ATMs in North Carolina. Caverly, who worked on the bank's IT staff, allegedly withdrew cash untraceably from the ATMs over a period of 7 months last year. "The charges were filed the same day that credit card company Visa warned the banking industry that Eastern European ATM malware recently showed up in America for the first time. That code, initially spotted last year on some 20 ATMs in Russia and Ukraine, was designed primarily to capture PINs and bank card magstripe data, but also allowed thieves to instruct the machine to eject whatever cash was still in it... At least 16 versions of the East European malware have been found so far and were designed to attack ATMs made by Diebold and NCR, according to the April 1 Visa alert. There is no information tying the malware found in Russia with the malware allegedly used by Caverly."

38 of 171 comments

  1. Poor Diebold ATM programming by DanTheStone · · Score: 5, Interesting

    I once deposited cash at a Diebold BofA ATM that didn't use envelopes. The little door around the cash-taker closed on the bills and stuck there, so I had to slide/pull them back out. It couldn't read the amount I'd put in (since it ended up being $0) so it made me enter it on the keypad. It wouldn't accept that I'd deposited $0, so eventually I told it I'd deposited $1 so it would give the card back.

    To put a long story short, those things are not well-programmed.

    1. Re:Poor Diebold ATM programming by thijsh · · Score: 4, Funny

      You misspelled $1 million as $1. ;-)

    2. Re:Poor Diebold ATM programming by Anonymous Coward · · Score: 2, Informative

      Never, ever deposit money into an ATM in that manner, especially a Diebold ATM.

      I worked for them at one point as a systems engineer and was friends with the engineering group - I was told that they have a "fair" fail rate on the device that you feed the envelope into. On some of the older ATM models there was a gap where it was possible for the envelope to thread downwards instead of into the deposit bin, and you had to take the ATM apart to get those envelopes back.

      That was one of the chief complaints they fielded at the call centers for ATM's - banks would call them and say they would have customers who said they made a deposit, but no envelope was present. They would have to dispatch a service engineer to recover them.

    3. Re:Poor Diebold ATM programming by MiniMike · · Score: 3, Funny

      Never, ever deposit money into an ATM in that manner, especially a Diebold ATM.

      If you don't deposit any money, will it still count your votes?

    4. Re:Poor Diebold ATM programming by oldspewey · · Score: 2, Funny

      Yes, but just not as many times.

      --
      If libertarians are so opposed to effective government, why don't they all move to Somalia?
  2. Untraceable and Diebold by PmanAce · · Score: 2, Insightful

    Hmmm, where have I heard that before, the terms Diebold and untraceable in the same sentence...beats me!

    --
    Tired of my customary (Score:1)
  3. UNfortunately by Anonymous Coward · · Score: 5, Insightful

    This fellow will serve more time than any of the bank CEOs responsible for the huge mess in America's economy.

    1. Re:UNfortunately by Yold · · Score: 5, Insightful

      Yes I see your point, but what he did was ILLEGAL. What bank CEOs did was idiotic and a byproduct of Greenspan's Randian/laissez faire outlook on "self-regulation". They weren't violating the law, this guy was. He was deliberately engaged in an act of theft, which doesn't compare to the cluster-fuck of idiocy that caused the last recession. Bank CEOs were reckless, the government was allowing it to happen, and a bunch of toxic assets were being rated as AAA bonds.

      With that said, the real outrage is that some of the CEOs of failed banks made millions off there own failures. When you become CEO you should sign a contract saying "I will return 100% of my bonuses if my fuckups cause this company to fail".

    2. Re:UNfortunately by violasvegas · · Score: 5, Informative

      Actually, what some of these CEO's did was pretty plainly illegal. See - Lehman Brothers and the use of Repo 105. NY Times has a good breakdown. You can find it here: http://dealbook.blogs.nytimes.com/2010/03/12/the-british-origins-of-lehmans-accounting-gimmick/ Even their own internal legal review determined that the practice was illegal in the US, hence the need to do it secretly in England.

    3. Re:UNfortunately by Anonymous Coward · · Score: 2, Insightful

      You spelled "laissez faire" properly and then screwed up "there"? FAIL

    4. Re:UNfortunately by blair1q · · Score: 3, Informative

      Yes I see your point. Let's make what those CEOs did ILLEGAL.

      Oh wait, borrowing from each other to make unsecured wagers on other people's debt positions was illegal. Until it wasn't.

      (For you amateur politicians: The retraction of the Bucket Shop laws was added onto a spending bill in 2000. Bill Clinton signed it, because it was a couple of lines in a thousand-page bill, but it was the banking industry's paid-for congresscriminals who stuck it there. Moral: Never allow the GOP to hold power in congress again. When they abuse parliamentary tactics, it costs us $700 billion off the top, and millions of jobs.)

    5. Re:UNfortunately by Yold · · Score: 2, Informative

      I think that True market forces can do a better job at regulation than the US Government can.

      Until greed, credit, and gullibility enter into the equation. What do you think causes the Great Depression? Unregulated securities markets and overvalued stocks fueled by the credit of your average citizen. What do you think causes the last recession? Under-regulation in the securities markets, and overvalued bonds fueled by the credit (mortgages) of your average citizen. For fucks-sake, my 20 year old friend had a $150,000 mortgage on $30,000 of income for a house that is now worth $40,000. He defaulted, along with basically the whole neighborhood.

    6. Re:UNfortunately by stephanruby · · Score: 5, Insightful

      Moral: Never allow the GOP to hold power in congress again. When they abuse parliamentary tactics, it costs us $700 billion off the top, and millions of jobs.

      I don't see how you ended up with that moral. Shouldn't the excuse you used for Bill Clinton be equally applicable to the GOP in Congress? or even the few Democrats in Congress? After all, if a Democrat in Congress had seen the couple of lines added in there, wouldn't he have told the Democrat President? Or are you implying that the lines were inserted in the bill between the time it was voted in and the time it was driven to the White House (which is possible granted, but I don't think that's what you said)?

      Disclaimer: I did vote for Bill Clinton. I just think that this attitude of "That my party can do no wrong, and if they did wrong, there must be a good reason for it." is precisely what's wrong with our current political system.

  4. Re:hmm... by Monkeedude1212 · · Score: 4, Interesting

    who has been charged with installing malware on ATMs in North Carolina. Caverly, who worked on the bank's IT staff, allegedly withdrew cash untraceably from the ATMs over a period of 7 months last year.

    Wait - so if they caught the guy, how the hell is that untraceable?

    Just because you don't follow the money doesn't mean you aren't tracing.

  5. Re:Great by poetmatt · · Score: 3, Interesting

    Although I hear diebold does better with ATM's, I can't help but wonder how much effort they put into ATM security versus the voting machine fiasco.

    Meanwhile, ATM's have always been pretty shoddy on security. It's a given. People essentially have physical access to the device.

    I wonder if it would be better to have ATM's running a virtual or other remote hosted ATM client so that nothing is hosted on the ATM directly? Or is this already being done in some places?

  6. Re:WinXP by Anonymous Coward · · Score: 2, Informative

    Diebold ATM's run a special version of Windows - it's not stock Windows XP. They work directly with Microsoft to create a specialized version where Diebold has much more control of the low-level functions and it's missing a lot of standard Windows components. I worked there for a years.

    Now I'm not saying that it is 100% safer and foolproof as I hate the fact that it is Windows-anything, but it's definitely better than stock XP.

  7. Re:Life Without Parole by Anonymous Coward · · Score: 2, Insightful

    Who did he kill? How many children did they find in his basement?

  8. Re:Great by John Hasler · · Score: 4, Insightful

    > Although I hear diebold does better with ATM's, I can't help but wonder how
    > much effort they put into ATM security versus the voting machine fiasco.

    Probably completely unrelated. They got into the voting machine business by purchasing a company that was showing a prototype and then rushing the prototype into production without bothering to develop an actual product. That says a lot (none of it good) about their top management, but nothing about the people in their ATM division.

    They eventually dumped the voting machine business, and it is possible that they learned from the experience.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  9. Question.... by mark-t · · Score: 4, Interesting

    ... what do you do if you get counterfeit bills from an ATM?

    1. Re:Question.... by FLEABttn · · Score: 4, Informative

      What you're supposed to do is return them to the bank or contact the secret service and turn the money over. However, you're not reimbursed for this. If the ATM gives you a fake $20 and you go inside and give it to the bank, you're out those $20 because they didn't witness what happened between you getting the money and you coming inside the bank. Knowing that, what you do with the counterfeit money is sort of up to you. Maybe you didn't realize it was counterfeit and will spend it anyways. It's best to withdraw cash from inside the bank and verify it in front of the teller, because if they see that you didn't swap any bills and you were given a fake by them, they will exchange it.

  10. Re:WinXP by LinuxIsGarbage · · Score: 2, Informative

    Although I hear diebold does better with ATM's, I can't help but wonder how much effort they put into ATM security versus the voting machine fiasco.

    I went to a Bank of America branch here in Eastern NC one day last year, and saw a Windows XP error screen on the ATM. I then saw a Diebold guy coming out of the bank, and asked him about it. He says that the BoA ATMs are now running XP on them. How safe do you feel knowing that?

    A lot of ATMs have been running Windows for years. I remember 10 or so years ago after I finished my transaction the ATM rebooted. On the green monochrome screen was the POST check, followed by a Windows NT splash screen. I've also seen various Windows errors over the years on ATMs. Some were still NT4.0 errors, even recently. A lot of kiosks run Embedded version of Windows. As do cash registers.

    I've also seen my fair share of Linux based kiosks sitting with an error, or in an endless reboot cycle, so Windows isn't alone in this regard.

  11. Re:hmm... by Stenchwarrior · · Score: 5, Funny

    He accidentally withdrew $305326.13. Must have put a decimal in the wrong place...he's always messing up some mundane detail like that, from what I understand.

  12. wait a second by blair1q · · Score: 5, Funny

    Is this the dude who put that "This bank charges a $3 fee for you to get your own money" exploit on there?

    I hate that.

    Hang him.

  13. Will not use BoA atms! by Bill, Shooter of Bul · · Score: 3, Interesting

    And I suggest you do not use them either. They just operate and behave wrongly, even when they don't have malware installed.

    They're slow. -- ATM's in the 80's were faster.
    They're obviously running Windows XP. -- The standard Windows sounds are used.

    --
    Well.. maybe. Or Maybe not. But Definitely not sort of.
  14. Re:WinXP by Volante3192 · · Score: 5, Insightful

    When you don't change the default password, it doesn't matter if you're running XP, 95, OS/2 or SELinux.
    When you can overlay a fake cardreader over the top of the device's real reader, it doesn't matter if you're running XP, 95, OS/2 or SELinux.
    When the criminal behind it is also a device admin, it doesn't matter if you're running XP, 95, OS/2 or SELinux.

    How safe do you feel knowing that?

  15. They should run Linux by LinuxIsGarbage · · Score: 5, Funny

    This is why banks should use Linux. That way it would be impossible to install the same malware on all systems. Because each slightly different model, released on slightly different dates, would have different versions of incompatible libraries

    “Why GNU/Linux Viruses are fairly uncommon” from Charlie Harvey

    1. Re:They should run Linux by rickb928 · · Score: 2, Funny

      ATMs used to be run on OS/2. I would very rarely see one stuck at the Presentation Manager startup screen.

      Nowadays, seeing an ATM stuck at the XP boot screen or BSOD isn't really novel.

      But the entire concept of running ATMs in XP is indeed troubling. A custom distro based on Debian would seem a good way to do it.

      Watch that the first Linux ATMs run Mandriva. Ugh. At least they should run Gentoo just to mess with 'us'.

      --
      deleting the extra space after periods so i can stay relevant, yeah.
  16. Re:WinXP by PalmKiller · · Score: 3, Interesting

    NO AC, it is not special, it is the regular plain vanilla. It is stock XP with branding done on it with the Diebold name (just like DELL and all the others do to their XP to make them look special)...and yeah it's installed with a script that leaves out some Windows stuff that you don't need...but again this is not special either. I can't say how I know, but trust me I know.

  17. Re:WinXP by PalmKiller · · Score: 5, Informative

    Well as an aside, it is Windows XP embedded kiosk edition, but other than that, it's the stock banana, so all the viruses and back doors will still work as written.

  18. Re:hmm... by Dare nMc · · Score: 2, Insightful

    Because stupidity and arrogance is traceable.
    Somehow the money has to get from the hopper to the guys home, then from the guys home to buy stuff. My guess would be the guy was caught spending beyond his means, then they started following him to ATM's where he was then recorded withdrawing the money. Then when they go looking for what account he withdrew money from, and it couldn't be found. Then again he may have just bragged about it to his girlfriend, then when he dumped her...

  19. Re:WinXP by Grand Facade · · Score: 2, Insightful

    "I can't say how I know, but trust me I know."

    Now there is a security issue right there.......

    --
    Rick B.
  20. Re:WinXP by hyc · · Score: 3, Funny

    Windows-anything handling your money is Just Not a Good Idea.

    http://www.flickr.com/photos/27159137@N08/3186737368/

    --
    -- *My* journal is more interesting than *yours*...
  21. Re:Agreed by Yold · · Score: 4, Insightful

    Do you know what a corporation is? A corporation going bankrupt is not the same as a proprietorship going bankrupt; this is the whole reason that you start a corporation... to shield your salary/earnings in case the company goes under. The trade-off is that you essentially pay income tax twice (it is wayy more complicated though).

  22. Re:So your idea is "screw blind people!" by X0563511 · · Score: 2, Insightful

    OK, that came out ruder than I wanted it to.

    My point is that a blind person using an ATM is dangerous. Unless he has echolocation, he can't know that nobody is watching. Also, how can he tell that he's at a real ATM?

    --
    For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
  23. Re:WinXP by Nikker · · Score: 2, Insightful

    One issue with touch screens is the ability for a would-be attacker to merely clean the screen before you use it. Although recovering further data is not as simple (magstripe, chip, removable device) you are still filling in blank spaces for a would-be attacker and that is not usually a good idea.

    --
    A loop, by its nature, continues. If that didn't make sense, start reading this sentence again.
  24. Article mentions ATM fraud in Ukraine and Russia by Zontar_Thing_From_Ve · · Score: 2, Interesting

    The article mentions how some malware previously seen in Ukraine and Russia has shown up in the USA for the first time. While I have not been to Russia, I have been to Ukraine several times. For years now, Kiev (the capital of Ukraine) has been infamous for ATM fraud. Rule of law is very weak in Ukraine and police and the judicial system are notoriously corrupt. Anyone "caught" for ATM fraud could just bribe his way out of trouble. I even heard of fake ATMs placed in various locations in Kiev that never give out money, all they do is record info off the ATM cards and pin numbers and that info is used by the crooks later. It's been like this since at least the early 2000s. I never used an ATM on the times when I was in Kiev. I brought enough cash with me to use anytime I was going to Kiev. For the record, I used ATMs in various other Ukrainian cities and I never had a problem. In fact the only city I've ever heard of ATM fraud happening in is Kiev, but it wouldn't surprise me if it happened in some other large cities like Odessa.

  25. Another nail in the coffin by geekoid · · Score: 2, Insightful

    for electronic cash transactions.

    I expect to be back to only using cash in about 20 years.

    --
    The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  26. If the economy keeps... by Nick Driver · · Score: 2, Funny

    I expect to be back to only using cash in about 20 years.

    If the economy keeps heading in the direction it's going, I expect to be using the barter system within 20 years.

    Like as in: Hey Mr. Blacksmith, I'll swap you 3 dozen fresh hen's eggs for a pound of nails and this here yearling billygoat for welding up my broken plow blade.