Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cybergang Compromises Every ATM In Russian City

Posted by timothy on from the equal-opportunity dept.

Orome1 writes "A group of fraudsters has been arrested in Yakutsk and Moscow for allegedly compromising all the ATMs in the city of Yakutsk — population: around 210,000 — in the Republic of Yakutia in the Russian Federation. Three of the men formed the actual criminal group, and the fourth — a Moscow-based malware developer — was 'subcontracted' by them and received 100,000 rubles (some $3200) to develop a custom ATM virus with which they would infect the devices."

17 of 74 comments (clear)

  1. In Russia... by Anonymous Coward · · Score: 2, Funny

    ATM's take money from you.

  2. How could it be that easy? by yog · · Score: 3, Funny

    The article said one was a sys admin who apparently had access to the ATM's, and another was a former IT director, but still you'd think there'd be some security to prevent some crooked employee from just emptying out an ATM whenever he felt like it.

    Scary how easy it was to compromise an entire city like that. I think I'll stop using ATMs for a while and switch back to bank tellers. Then again, humans are pretty easy to infect, too, using this virus called "money" that makes them do diabolical things.

    When MacAfee comes out with a human honesty scanner, that'll help a lot.

    --
    it's = "it is"; its = possessive. E.g., it's flapping its wings.
    1. Re:How could it be that easy? by AvitarX · · Score: 4, Informative

      but still you'd think there'd be some security to prevent some crooked employee from just emptying out an ATM whenever he felt like it.

      Considering they were caught before they could do anything I would say it's a fair assumption.

      --
      Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
  3. Cybergangs? by deadhammer · · Score: 3, Insightful

    Why aren't they just a "gang"? Is it because this crime has to do with technology and is, therefore, magically different than any other crime? If these guys had robbed all the banks in the city the traditional way, we wouldn't call them a "bankgang" or a "robberygang", would we? If they skimmed money the traditional way (bribes and scams) would we call them a "financegang"?

    --
    I'll be honest, we're throwing science against the wall to see what sticks. -Cave Johnson
    1. Re:Cybergangs? by AvitarX · · Score: 2

      No, but they would probably be differentiated, and if they specialized in tech crime it's a shorter word.

      Also we have bank-robbers, not just robbers. This hardly even sounds like a cyber-crime as I've heard them in the past, as it doesn't appear to have taken place using cyber-space (or proximity wouldn't have been a factor).

      I would even say the fact that location was a factor makes it not a cyber-crime (as the media uses the word).

      --
      Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
  4. This needs to happen more often by dingen · · Score: 3, Insightful

    Maybe then the world will learn not to run Windows on these kind of devices.

    --
    Pretty good is actually pretty bad.
    1. Re:This needs to happen more often by Walter+White · · Score: 5, Insightful

      My roots as an MS hater go back to DOS long before Windows. And I disagree with your claim.

      Given access from by the former head of IT, it would be feasible to engineer a compromise for any OS. If they had physical access, anything is possible. Perhaps they even had access to the dev environment which was used to program the machines.

    2. Re:This needs to happen more often by morgan_greywolf · · Score: 2

      I actually agree with this. A few years ago, I was shocked to learn that new ATMs were being installed with Windows XP. The ATM at a local gas station I frequent -- I think it's some sort of Diebold model -- actually has a more-or-less stock Windows XP, complete with Solitaire and Minesweeper! I couldn't make this stuff up if I wanted to. WTF do you need Solitaire and Minesweeper on an ATM?

      Seems to me they could save lots of money using one of those ARM SoCs and a stripped-down embedded Linux. It'd be tons more secure.

      --
      My blog
  5. Evident Risk joke by Progman3K · · Score: 3, Funny

    about Yakutsk usually being easy to protect

    --
    I don't know the meaning of the word 'don't' - J
    1. Re:Evident Risk joke by PaulMeigh · · Score: 2

      Except of course when a large North American army is passing through Kamchatka.

  6. Time to go back to OS/2! by Joe+The+Dragon · · Score: 2

    Time to go back to OS/2!

  7. $3200????????? by Ryanrule · · Score: 4, Informative

    fuckin software guys are underpaid everywhere

  8. We have a similar gang of fraudsters in US by Ada_Rules · · Score: 3, Interesting
    They've got ATMs all over the place. They run this Ponzi scheme where people give them money and then they loan out almost all of it to other people. Eventually this money gets re-deposited and again they loan out almost all of it. This cycle continues until the total amount of money that they own to depositors is substantially larger than the actual money they can ever get their hands on. They try to re-coup this by charging crazy fees on their ATMs and monthly fees for getting to play in the scheme but in the end like all Ponzi schemes, this one crashed.

    So get this, then, they have these other dudes with guns who force people to pay them money so that it can be funneled back into the Ponzi scheme to keep it going.

    On second thought, what we have here is far worse than in Russia. Damn Bank of America.

    --
    --- Liberty in our Lifetime
  9. Re:Use Russian ATMs? Really? by Phroggy · · Score: 2

    Here's the thing, though... WHO in their right mind would use an ATM is Russia anyway? Good grief, I'd be surprised if they were *NOT* compromised.

    If I were to visit Russia, I think I would opt for in-bank transactions and cash-only, *OR* a special limited balance account set up SPECIFICALLY for that trip, to be shit-canned upon return home.

    OK, but what if you actually LIVED in Russia and weren't just visiting?

    --
    $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
    $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
  10. Re:Use Russian ATMs? Really? by CRCulver · · Score: 5, Informative

    I've used ATMs all over the Soviet Union, from the metropolises like Moscow and Almaty to provincial capitals hit hard by job loss and economic migration away. I've never experienced theft of my bank card details. The crime carried out in Yakutsk is not a widespread problem in Russia. To be honest, I'd be more worried using my card in the US when stories keep coming out like those gas pumps that had been tampered with, though again that's probably the media just blowing it out of proportion.

  11. Re:Use Russian ATMs? Really? by Sectrish · · Score: 2

    He probably just forgot to type the word "former" by accident, as he also mentioned Almaty, which afaik is a city in Kazakhstan (part of the former Sovient Union).

  12. Re:Use Russian ATMs? Really? by Jade_Wayfarer · · Score: 2

    Speaking as local, I'm really surprised to read this comment. For more than three years of using credit card I've never experienced any problems with it. None of my friends did too. And not only in Moscow, but in several other cities too. I do trust my bank and it's security measures, and all cases of credit card info theft I know of happened in US or Europe.

    Now, for example, one thing I am scared of is US airport security. And how would it look if I'd said something like that: "It's a service guaranteed to humiliate you in every possible way. Why would I use it, *ESPECIALLY* if I was local?"

    --
    Absence of proof != proof of absence.