Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bank Employee Plants Malware on ATMs

Posted by kdawson on from the where-the-money-is dept.

Wired's Threat Level has a piece on a Bank of America employee, Rodney Reed Caverly, who has been charged with installing malware on ATMs in North Carolina. Caverly, who worked on the bank's IT staff, allegedly withdrew cash untraceably from the ATMs over a period of 7 months last year. "The charges were filed the same day that credit card company Visa warned the banking industry that Eastern European ATM malware recently showed up in America for the first time. That code, initially spotted last year on some 20 ATMs in Russia and Ukraine, was designed primarily to capture PINs and bank card magstripe data, but also allowed thieves to instruct the machine to eject whatever cash was still in it... At least 16 versions of the East European malware have been found so far and were designed to attack ATMs made by Diebold and NCR, according to the April 1 Visa alert. There is no information tying the malware found in Russia with the malware allegedly used by Caverly."

10 of 171 comments (clear)

  1. Poor Diebold ATM programming by DanTheStone · · Score: 5, Interesting

    I once deposited cash at a Diebold BofA ATM that didn't use envelopes. The little door around the cash-taker closed on the bills and stuck there, so I had to slide/pull them back out. It couldn't read the amount I'd put it (since it ended up being $0) so it made me enter it on the keypad. It wouldn't accept that I'd deposited $0, so eventually I told it I'd deposited $1 so it would give the card back.

    To put a long story short, those things are not well-programmed.

  2. UNfortunately by Anonymous Coward · · Score: 5, Insightful

    This fellow will serve more time than any of the bank CEOs responsible for the huge mess in America's economy.

    1. Re:UNfortunately by Yold · · Score: 5, Insightful

      Yes I see your point, but what he did was ILLEGAL. What bank CEOs did was idiotic and a byproduct of Greenspan's Randian/laissez faire outlook on "self-regulation". They weren't violating the law, this guy was. He was deliberately engaged in an act of theft, which doesn't compare to the cluster-fuck of idiocy that caused the last recession. Bank CEOs were reckless, the government was allowing it to happen, and a bunch of toxic assets were being rated as AAA bonds.

      With that said, the real outrage is that some of the CEOs of failed banks made millions off there own failures. When you become CEO you should sign a contract saying "I will return 100% of my bonuses if my fuckups cause this company to fail".

    2. Re:UNfortunately by violasvegas · · Score: 5, Informative

      Actually, what some of these CEO's did was pretty plainly illegal. See - Lehman Brothers and the use of Repo 105. NY Times has a good breakdown. You can find it here: http://dealbook.blogs.nytimes.com/2010/03/12/the-british-origins-of-lehmans-accounting-gimmick/ Even their own internal legal review determined that the practice was illegal in the US, hence the need to do it secretly in England.

    3. Re:UNfortunately by stephanruby · · Score: 5, Insightful

      Moral: Never allow the GOP to hold power in congress again. When they abuse parliamentary tactics, it costs us $700 billion off the top, and millions of jobs.

      I don't see how you ended up with that moral. Shouldn't the excuse you used for Bill Clinton be equally applicable to the GOP in Congress? or even the few Democrats in Congress? After all, if a Democrat in Congress had seen the couple of lines added in there, wouldn't he have told the Democrat President? Or are you implying that the lines were inserted in the bill between the time it was voted in and the time it was driven to the White House (which is possible granted, but I don't think that's what you said)?

      Disclaimer: I did vote for Bill Clinton. I just think that this attitude of "That my party can do no wrong, and if they did wrong, there must be a good reason for it." is precisely what's wrong with our current political system.

  3. Re:hmm... by Stenchwarrior · · Score: 5, Funny

    He accidentally withdrew $305326.13. Must have put a decimal in the wrong place...he's always messing up some mundane detail like that, from what I understand.

    --
    Loading...
  4. wait a second by blair1q · · Score: 5, Funny

    Is this the dude who put that "This bank charges a $3 fee for you to get your own money" exploit on there?

    I hate that.

    Hang him.

  5. Re:WinXP by Volante3192 · · Score: 5, Insightful

    When you don't change the default password, it doesn't matter if you're running XP, 95, OS/2 or SELinux.
    When you can overlay a fake cardreader over the top of the device's real reader, it doesn't matter if you're running XP, 95, OS/2 or SELinux.
    When the criminal behind it is also a device admin, it doesn't matter if you're running XP, 95, OS/2 or SELinux.

    How safe do you feel knowing that?

  6. They should run Linux by LinuxIsGarbage · · Score: 5, Funny

    This is why banks should use Linux. That way it would be impossible to install the same malware on all systems. Because each slightly different model, released on slightly different dates, would have different versions of incompatible libraries

    “Why GNU/Linux Viruses are fairly uncommon” from Charlie Harvey

  7. Re:WinXP by PalmKiller · · Score: 5, Informative

    Well as an aside, it is windows XP embedded kiosk edition, but other than that, its the stock banana, so all the viruses and back doors will still work as written.