Slashdot Mirror

← Back to Stories (view on slashdot.org)

Infected ATMs Give Away Millions of Dollars Without Credit Cards

Posted by Soulskill on from the i'll-order-a-dozen dept.

An anonymous reader writes: Kaspersky Lab performed a forensic investigation into cybercriminal attacks targeting multiple ATMs around the world. During the course of this investigation, researchers discovered the Tyupkin malware used to infect ATMs and allow attackers to remove money via direct manipulation, stealing millions of dollars. The criminals work in two stages. First, they gain physical access to the ATMs and insert a bootable CD to install the Tyupkin malware. After they reboot the system, the infected ATM is now under their control and the malware runs in an infinite loop waiting for a command. To make the scam harder to spot, the Tyupkin malware only accepts commands at specific times on Sunday and Monday nights. During those hours, the attackers are able to steal money from the infected machine.

83 comments

  1. This doesn't add up by drsquare · · Score: 4, Interesting

    If you have access to the ATM physically, why not just take the cash there and then?

    1. Re:This doesn't add up by BitterOak · · Score: 5, Informative

      If you have access to the ATM physically, why not just take the cash there and then?

      Because there would only be a finite amount of cash in the machine. By installing this software, you can steal a little bit at a time, and the cash would be reloaded periodically.

      --
      If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
    2. Re:This doesn't add up by edawstwin · · Score: 1

      Going back repeatedly is much more profitable.

      --
      I don't want to achieve immortality through my work. I want to achieve it by not dying. - Woody Allen
    3. Re:This doesn't add up by Anonymous Coward · · Score: 0

      If you have access to the ATM physically, why not just take the cash there and then?

      I think by physically they mean they physically have access to the hardware not the entire vault in the back of it.

      If you consider though, if you take money over a longer period of time rather than at once then people will be less likely to notice.

    4. Re:This doesn't add up by Anonymous Coward · · Score: 1

      Because the money is physically protected and will get sprayed with paint if you try to physically remove them.

    5. Re:This doesn't add up by Anonymous Coward · · Score: 0

      Because you don't kill the golden goose. You let the good guys keep filling it up with cash so you can hit it multiple times.

    6. Re:This doesn't add up by BringsApples · · Score: 1

      If you have access to the ATM physically, why not just take the cash there and then?

      Because there would be a high level of accountability. If you have physical access, and were the guy working on the machine the night before money was missing, you'd be busted. This way, I can be the guy that works on the machine, and you can be the guy that steals all of the money. We meet up and half the cash.

      At least this is how I assume it works.

      --
      Politics; n. : A religion whereby man is god.
    7. Re:This doesn't add up by kosmosik · · Score: 1

      How you can insert a bootable CD into ATM without having physical access to it? I havent seen any USB ports on the front nor CD drive slot...

    8. Re:This doesn't add up by Anonymous Coward · · Score: 0

      Go watch Breaking Bad season 2, episode 6: "Peekaboo."

    9. Re:This doesn't add up by Anonymous Coward · · Score: 5, Informative

      It's also easier to tie cash loss to an event where a bad actor had special physical access. I'd be willing to bet the cash box itself has monitors/procedors/audit trails to prevent theft/tampering from people who normally service it.

      The trojan bypasses all that, hiding cash loss in an event that does not require special physical access (Normal walk-up transactions carried out by customers) The trojan also cleans up all the auditing logs so you less sure about when the loss occurred.

      If, say, the bad actor is a crooked service man the gang of crooks can bribe him to slip their CD in and install the trojan. That way the cash gets taken when he's nowhere near the machine, and he has nothing to do with taking the cash all together. Or if, say, you're picking locks and breaking in to the machine to slip in your CD there's nothing suspicious (like an empty cash box) to point to the time where you could have broken in to the machine. You put the risk of the actual cash theft (Taking money from trojan compromised machines) on low rent thugs and suckers in your gang.

    10. Re:This doesn't add up by nojayuk · · Score: 5, Insightful

      Going back repeatedly isn't going to work -- the bank or financial company maintaining the ATMs does actually count the money going into the machines and the amounts legally withdrawn and if they don't balance then investigations are carried out. Put in 10000 quatloos, 7000 quatloos withdrawn by customers over a few days, 1000 quatloos left when the next refill is carried out = something fishy. Cookie jar accountancy rules apply, eventually Mom will notice the distinct lack of cookies and eventually catch you cookie-crumb-handed.

    11. Re:This doesn't add up by Anonymous Coward · · Score: 0

      If you have access to the ATM physically, why not just take the cash there and then?

      Perhaps there are different types of physical access?

      The people who refill the cash shouldn't have access to the computer console and vice-versa.

    12. Re:This doesn't add up by jtownatpunk.net · · Score: 2

      You can have a locked box inside a locked box. Just because they can easily get into the outer layer doesn't mean they can easily get into the inner layer.

    13. Re:This doesn't add up by PRMan · · Score: 5, Interesting

      You can actually punch a hole in many popular ATMs and there is a live USB port right behind it. This has been discussed repeatedly as a security problem. I don't know if they fixed that one, but there could be more or it could be really slow to be fixed. http://www.extremetech.com/ext...

      --
      Peter predicted that you would "deliberately forget" creation 2000 years ago...
    14. Re: This doesn't add up by Anonymous Coward · · Score: 0

      Most ATMs have three main locked parts: The vault safe (combination lock), the money cassette(s) (key lock) within the vault and the rest of the hardware part (key) (receipt dispenser, keypad, CPU, modem, card reader and keypad/touch screen. On some brands of ATMs this last part is considered so unimportant that the keys are universal. Hence the hackers steal this way beacuse they can't get into the vault safe. (I imagine they just add another admin password and run a test cash dispense. They got caught when the ATM owners tried to balance or audit the reciepts against the physical money put in the cassette.)

    15. Re:This doesn't add up by lawnboy5-O · · Score: 1

      Mmmmmmm! Cookies!

    16. Re:This doesn't add up by sg_oneill · · Score: 5, Informative

      If you have access to the ATM physically, why not just take the cash there and then?

      Not as easy as you think. A guy who used to live in the apartments across from me was a retired burglar. Found god in prison, went straight, yada yada. One of his old tricks was burglaring ATM machines. Apparently his trick was he'd tie a chain to the ATM and the other side to stolen truck and take off down the road with the ATM in tow. He'd then get out with a few men and lift the ATM into the truck and make a run for it.

      It would take them about 4-5 days to extract the money. Apparently the cash reserves are booby-trapped so that tampering with the mechanism would destroy the cash. As a result removing the money was a complicated procedure involving slow dismantling and a lot of welding.

      After his third attempt at it, they got a newer one, that was battery backed and had some sort of radio thing in it. Cops tracked it and they where done.

      --
      Excuse the Unicode crap in my posts. That's an apostrophe, and slashdot is busted.
    17. Re:This doesn't add up by Anonymous Coward · · Score: 0

      Nothing prevents the malware from "legally" withdrawing just a bit more from any odd customer making a legal withdrawal, then holding that money for the weekly collector.

    18. Re:This doesn't add up by RobertLTux · · Score: 1

      also unless you have

      1 the cutters needed to rip the vault from the atm

      2 a sizable truck

      Good luck getting the cash out before even Barney Fife could walk up load The Bullet and arrest you.

      --
      Any person using FTFY or editing my postings agrees to a US$50.00 charge
    19. Re:This doesn't add up by Anonymous Coward · · Score: 0

      But if you have software control of the box and record your "withdrawl" as some of the previous customers'....

    20. Re: This doesn't add up by Anonymous Coward · · Score: 0

      "If you consider though, if you take money over a longer period of time rather than at once then people will be less likely to notice."

      But that also puts you at tremendous risk of getting caught if the bank catches on and stakes it out.

    21. Re:This doesn't add up by flyneye · · Score: 1

      Sounds like they would bleed them instead of emptying them. Their are limits to the amount you can withdraw at once. A couple machines a couple times a week would have a single guy living pretty well in a work free existence.

      --
      *Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
    22. Re:This doesn't add up by wisnoskij · · Score: 1

      I doubt that is it. You can bet that they continually audit these machine, and if missing several thousand dollars or even 10 dollars between filings, they find out what went wrong.

      --
      Troll is not a replacement for I disagree.
    23. Re:This doesn't add up by kesuki · · Score: 1

      the problem you see, is ATMs require windows XP software. yes windows XP. http://www.theverge.com/2014/1/20/5326772/windows-xp-powers-95-percent-of-atms-worldwide
      So the malware simply connects to a botnet, hops through inadequate satellite networks makes a map and reinfects itself after the system is cleaned. i have seen windows xp machines infected by satellite communications they are after all devices that must obey 'this device must accept any interference received' which is usually a kill switch to make them stop emitting radio waves, but also means viruses that transmit via radio must also be accepted it is the law after all.

      --
      https://www.gnu.org/philosophy/free-sw.html
    24. Re:This doesn't add up by tlhIngan · · Score: 3, Informative

      If you have access to the ATM physically, why not just take the cash there and then?

      Because it's easier to get to the electronics than the cashbox.

      Inside these little ATMs is a steel box. Get that steel box open and you have full access to the electronics. But to get to the cash requires opening said box, then opening the safe holding the cash, which is vastly more protected.

      The cash is dispensed from within the safe and exits out a slot in the safe (basically the safe carries a number of cash cassettes and the electronics count out the cash, which is why if they mis-load the cassettes, you can be short changed or given more than you expect.

      Oh yeah, and the safe has all sorts of safeguards to destroy the cassettes should they be tampered with, making it even harder to get the cash out.

      Of course, they assumed the electronics were secure, so the other way to get the cash out is via the front door. Bypasses all the safe security systems and everythign else.

    25. Re:This doesn't add up by Anonymous Coward · · Score: 0

      They might have usb ports behing shaky locks, you know, for easier maintenance, because that reduces costs :D As does using Windows XP so you don't have to hire those expensive embedded system programmers, or for gods sake, engineers. Any fool can code for windows you know. Sure was cheap and easy. Even with the bad guys having physical access you can make their job hard and time consuming, by booting from ROM, for example. I mean, if the damn ATM gives money out like it's supposed to, there isn't a real need to update it anyways.

    26. Re:This doesn't add up by Anonymous Coward · · Score: 0

      Of course, they assumed the electronics were secure

      Which part of "Microsoft product" did they not understand?

    27. Re:This doesn't add up by m.alessandrini · · Score: 1

      I don't know, imagine the bank discovers that someone installed the malware, and only one man serviced the machine recently... He would not be so safe.

    28. Re:This doesn't add up by davester666 · · Score: 4, Insightful

      yeah. those are called "atm fee's". Oh wait, we're talking about different criminals.

      --
      Sleep your way to a whiter smile...date a dentist!
    29. Re:This doesn't add up by LordWabbit2 · · Score: 2

      They rotate all servicing of the machines, George the serviceman does not have a fixed route, it would be too easy to set up an ambush if the routines were fixed. They do log everything of course, but there is nothing stopping George from going to the ATM six months later to withdraw some money when he will never be suspected. This kind of hack requires a lot of collaboration between parties.
      a) The programmer(s) working for the bank
      b) The people servicing the ATM's
      Unless of course the ATM's in question are one of those generic cash machines instead of custom made bank ATM's

      --
      There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
    30. Re:This doesn't add up by Anonymous Coward · · Score: 0

      So that explains money laundering...

      In all seriousness, how is the money kept physically secure until it gets dispensed?

    31. Re:This doesn't add up by Anonymous Coward · · Score: 0

      Wait just a minute! I don't understand all this technical mumbo jumbo involving quatloos and cookies. How about putting this in terms your average Joe can understand? Acceptable forms of abstraction are: Ford F-150's, anything NFL related, and hamburgers.

    32. Re:This doesn't add up by jeauxkewl · · Score: 2

      In most ATMs it is stored in sealed, tamper-proof trays which have a security mechanism that the ATM allows to dispense. When the ATMs are stocked, the courier company simply exchanges cassettes. There are no wrapped stacks of cash visible. So essentially what happens is, the ATM is initially loaded with x amount of cash. When the level drops below a certain level, the courier is dispatched to refill the ATM. They go exchange the cassettes and the pulled cassettes are taken to a secure location where the remaining cash is counted and the totals reconciled with what the ATM says it dispensed. If the totals don't match, they WILL find out why via surveillance tapes and security seals. The secure part of the ATM where the cash is built inside a safe which is alarmed and actively monitored. That is why you see reports of ATM theft. You're less likely to get caught if you steal the entire ATM and take it to a location where you have time and privacy to force entry. Historical fact - before the ATMs moved to Windows XP, nearly all of them ran on OS/2, as recently as 2004.

    33. Re: This doesn't add up by Anonymous Coward · · Score: 0

      It does put your cash mules at a elevated level of risk, but that's why you have mules.

    34. Re:This doesn't add up by Phreakiture · · Score: 1

      If you have access to the ATM physically, why not just take the cash there and then?

      I suppose you could trigger the dispenser to start dishing out cash nonstop, but it is not as easy as it sounds. Getting at the cash cassettes is not easy, either, because the lower half of an ATM is, as you might expect when thinking about it, built as a slightly modified safe. Getting at the computer and modifying the software really is the path of least resistance.

      Source: I used to work on these machines.

      --
      www.wavefront-av.com
    35. Re:This doesn't add up by slapout · · Score: 1

      You've never seen Barber Shop, have you?

      --
      Coder's Stone: The programming language quick ref for iPad
    36. Re:This doesn't add up by Anonymous Coward · · Score: 0

      he'd tie a chain to the ATM and the other side to stolen truck and take off down the road with the ATM in tow.

      Do you live in Sunnyvale trailer park by any chance?

      http://www.youtube.com/watch?v=vHP8lBdi2w8&t=2m28s

  2. First! by Anonymous Coward · · Score: 0

    ftesfrd

  3. Hacker News Aggregator by Anonymous Coward · · Score: 0

    Less content, later: Slashdot

  4. Physical access eh... by Anonymous Coward · · Score: 0

    Sounds like something everybody could just do, right?

  5. They must a film out of this... by Anonymous Coward · · Score: 0

    Man, this reads like a movie script. Gotta say these criminals are pretty inventive.
    Now somebody telle me how the hell did these guys get physical access to the ATMs. I mean it's not like they can insert the cd and reboot the machine from the outside. They have to get inside the bank no ? What happened, all people inside were sleeping or what ? I don't understand

    1. Re:They must a film out of this... by mythosaz · · Score: 2

      These ATMs are probably the kind you find in smaller stores - about the size of a internet kiosk at a hotel - they're not made to be all-weather unsupervised secure, just "secure inside a store with an employee around."

  6. These on XP? by cyberjock1980 · · Score: 2

    I remember back when XP was officially discontinued there was some article that said something like 70% of ATM machines worldwide still ran XP. Anyone able to confirm if this is the case? If so, are they exploiting some vulnerability in XP that is never-to-be-patched?

    1. Re:These on XP? by mythosaz · · Score: 3, Interesting

      Many, yes.

      Some kiosk versions of XP are still getting patched.

      Windows XP Professional for Embedded Systems. This product is identical to Windows XP, and Extended Support will end on April 8, 2014.
      Windows XP Embedded Service Pack 3 (SP3). This is the original toolkit and componentized version of Windows XP. It was originally released in 2002, and Extended Support will end on Jan. 12, 2016.
      Windows Embedded for Point of Service SP3. This product is for use in Point of Sale devices. It’s built from Windows XP Embedded. It was originally released in 2005, and Extended Support will end on April 12, 2016.
      Windows Embedded Standard 2009. This product is an updated release of the toolkit and componentized version of Windows XP. It was originally released in 2008; and Extended Support will end on Jan. 8, 2019.
      Windows Embedded POSReady 2009. This product for point-of-sale devices reflects the updates available in Windows Embedded Standard 2009. It was originally released in 2009, and extended support will end on April 9, 2019.

    2. Re:These on XP? by angel'o'sphere · · Score: 1

      Most ATMs I have ever seen are Windows, no idea what version.
      But it is clearly to diagnose on the blue screen they show so often.
      I guess many of them are NT and not even XP ...
      What is bejond me is: why do they even have a CD drive ... they don't need it, and software updates are usually distributed by bank internal networks, not by technicians running around with a CD.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    3. Re:These on XP? by Obfuscant · · Score: 5, Insightful

      If so, are they exploiting some vulnerability in XP that is never-to-be-patched?

      They are exploiting a vulnerability that is found in almost every operating system, and which has yet to be patched by any vendor. It's called "running a program". As the summary says:

      First, they gain physical access to the ATMs and insert a bootable CD to install the Tyupkin malware.

    4. Re:These on XP? by dfsmith · · Score: 1

      ...and software updates are usually distributed by bank internal networks

      I'm not sure I like the idea of rogue ATMs on the internal bank network.

    5. Re:These on XP? by MoonlessNights · · Score: 3, Informative

      That isn't an operating system flaw but a hardware flaw: loads data from device into memory and points the CPU at it.

      What is actually surprising is that they don't use some kind of DRM-esque bootloader (much like you find in many phones) where it only boots an image with a matching signature.

    6. Re:These on XP? by tqk · · Score: 2

      True. There's also, "Physical access means no security."

      --
      "Tongue tied and twisted, just an Earth bound misfit ..." -- Pink Floyd.
    7. Re:These on XP? by angel'o'sphere · · Score: 1

      Those networks are for ATMs only, rofl.
      Banks are bad in many regards, but their I?t usually works fine, old fashioned perhaps but nevertheless up to the tasks.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    8. Re:These on XP? by AmiMoJo · · Score: 1

      They won't do anything that might increase their costs, as long as they can blame the owner for failing to secure physical access to the machine.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  7. Power Draw by Anonymous Coward · · Score: 0

    Could it be detected by the power used?

  8. without credit cards by Anonymous Coward · · Score: 0

    and without soup cans, and without traffic lights, and without elephant trunks, and without any other irrelevant items either.

  9. not Dollars, just banknotes by turkeydance · · Score: 1

    they aren't worth worrying about. the USD is king.

  10. BREAKING NEWS! by Anonymous Coward · · Score: 0

    BREAKING NEWS!

    Someone reprograms a machine to do something else, and it does it! More at 11:00!

    1. Re:BREAKING NEWS! by Anonymous Coward · · Score: 0

      PRiORiTY OVER-RiDE. NEW BEHAViOR DiCTATED.
      MUST BREAK TARGET iNTO COMPONENT COMPOUNDS.

  11. So many ways this could've been prevented? by Anonymous Coward · · Score: 2, Insightful

    Why does an ATM have a cd drive, let alone usb ports or anything else? Why does it boot off of media without altering the BIOS and requiring a password? Why isn't the OS encrypted making modification require more difficult techniques like bootkits which has other protection mechanisms?

    1. Re:So many ways this could've been prevented? by mythosaz · · Score: 2

      Cost, ease of deployment, maintenance and updates.

    2. Re:So many ways this could've been prevented? by michelcolman · · Score: 1

      Can't they just update it via the internet?

      (Note to ATM vendors: no, stop, that was a joke, do NOT... what? You already did? And you used which OS? No, please...)

  12. It's nothing a few more fees can't cover (no text) by asjk · · Score: 1

    nt

  13. "Without attracting attention" by Anonymous Coward · · Score: 0

    So your banks ATM's are losing millions of dollars without any audit information showing them coming out of an account, and you don't notice?

    1. Re:"Without attracting attention" by grim4593 · · Score: 1

      Bank systems shouldn't trust ATMs - everything the ATM does should be verified by the bank system before any transactions occur. I don't see why the ATM should be anything but a dumb terminal with little to no intelligence which simply sets up an encrypted session with the bank servers. Is there a reason things are not done this way?

    2. Re: "Without attracting attention" by Anonymous Coward · · Score: 0

      Most financial institutions are loath to reveal a breach lest the public feel their money isn't secure. Banks and other financials are probably much more victims of losses than the publis ever knows.

    3. Re:"Without attracting attention" by PRMan · · Score: 2

      Speed. In the old days, telephone lines were EXTREMELY slow and they wanted to limit that to just the actual transaction details. Also, they would only call a modem when that transaction actually happened.

      But you're right, for modern operations, they should just be dumb terminals.

      --
      Peter predicted that you would "deliberately forget" creation 2000 years ago...
    4. Re:"Without attracting attention" by mythosaz · · Score: 3, Informative

      The bank is disconnected from the ATM during this process. Money isn't being removed from an account. Bills are being removed from a mechanical hopper, because the software on the kiosk has a service mode, accessible outside of normal service because the real software on the ATM has been replaced by a modified version that allows it without the normal controls.

    5. Re:"Without attracting attention" by michelcolman · · Score: 1

      Instead, they used dumb programmers with little or no intelligence. It was cheaper that way.

  14. Can we stop using Cyber by Spy+Handler · · Score: 2

    these weren't cybercriminals, just criminals. They physically broke open ATM machines.

    1. Re:Can we stop using Cyber by 93+Escort+Wagon · · Score: 2

      Except the criminals are Cybermen.

      --
      #DeleteChrome
  15. there are millions of ATMs, this is not suprising by Anonymous Coward · · Score: 0

    > Infected ATMs Give Away Millions of Dollars Without Credit Cards

    http://www.atmmarketplace.com/news/number-of-atms-worldwide-expected-to-hit-15-million-in-december/

    So like.. $1 per ATM. That doesn't sound like much to me.

  16. Re:there are millions of ATMs, this is not suprisi by mythosaz · · Score: 1

    Probably covered by ATM fees. :(

  17. Tie it to the camera by penguinoid · · Score: 1

    When the ATM is rebooting, would be a good time to mark the camera footage as in need of review.

    --
    Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
  18. So long as they aren't stealing from regular folks by Anonanonaon · · Score: 1

    So long as they aren't accessing working people's bank accounts, I'm surprisingly okay with this and hope they don't get caught. It's not like the banks wouldn't find some other excuse to raise my service charges. Or just plain seize my accounts during times of crisis.

    So, go bank robbers!

    Though...

    Not sure I'd want to risk being destroyed over a bunch of funny money.

    Being a bank robber seems like just another flavor of servitude. You're agreeing to value their make-believe money system by risking your 'freedom' for it.

  19. This is small potatoes. by fahrbot-bot · · Score: 4, Funny

    If you want to steal BIG, you have to own the bank - just ask those guys on Wall Street.

    --
    It must have been something you assimilated. . . .
    1. Re:This is small potatoes. by Anonymous Coward · · Score: 0

      If you want to steal BIG, you have to own the bank - just ask those guys on Wall Street.

      wow aren't you clever...

    2. Re:This is small potatoes. by Anonymous Coward · · Score: 0

      "What is the robbing of a bank compared to the founding of a bank?"
      -- Bertold Brecht

  20. Seems to be an inside job. by Stan92057 · · Score: 1

    Seems to be an inside job. are the ATM attendants not required to sign in to install software?? Asking because I don't have a clue but common since in this day and age would require some kinda employees key to install anything onto or on any ATM.

    --
    Jack of all trades,master of none
  21. The stupidity of an overspec device by dbIII · · Score: 2

    So a dumb terminal has an entire copy of MS Windows instead of WinCE or a cast of thousands of non-MS options, and due to that it has a huge attack surface despite only doing a very limited job. An ATM should be simple and locked down since all it's doing is being an input device to a server and getting instructions from the server to spit out cash. It's obvious. Sleazy deals where one bit of MS cuts into the market of a different bit of MS are the only reason why such stupidity happens and you get a desktop computer doing the job of an embedded device.

  22. Ban Microsoft Windows on ATMs .. by lippydude · · Score: 0

    "Kaspersky Lab performed a forensic investigation into cybercriminal attacks targeting multiple ATMs around the world"

    See, slashdot, wasn't difficult to mention the actual Operating System. ref

  23. Credit Cards? by aoism · · Score: 1

    Don't most people use a bank card / ATM card / debit card to withdraw money, and not a credit card? I know you can get the option of taking out cash on a credit card, but aren't debit cards the norm?

  24. smart by luther349 · · Score: 1

    it says millions but how long was this going on.what they likely did was take small amounts from many machines over times not to raise flags say if one was missing 1000$ you can bet they would adult it but if its 5 or 10$ not so much.

  25. We've seen that before by Anonymous Coward · · Score: 0

    Watch Dogs... anyone?

  26. That's why the Russians hacked those US banks by Anonymous Coward · · Score: 0

    Now that the accounts have been hacked, the ATMs can be set up to dispense their cash. The foreign banks themselves could be the criminals.

  27. Really? by Anonymous Coward · · Score: 0

    The ATM was running windows and protected by McAfee Antivirus -- please excuse me while I go laugh.