Krebs on Security blog claims that the Federal Bureau of Investigation (FBI) has received an “unspecified report” that cybercriminals are preparing to carry out a large-scale global attack on ATMs in the coming days.
The attack will compromise banks or payment card processors with malware which would give the hackers access to the banks’ network and customer card details which will enable funds to be withdrawn from ATMs.
The blog posted that the FBI had sent an alert to banks saying, “The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation’.”
The blog by veteran cybersecurity journalist Brian Krebs explains that in an “unlimited operation” attack, the hackers typically remove limits such as withdrawal amount and number of transactions.
“Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cybersecurity controls, budgets, or third-party vendor vulnerabilities. The FBI expects the ubiquity of this activity to continue or possibly increase in the near future,” adds the alert.
It also warns that the info will be sent out to other cybercriminals who will then be able to create clone cards to continue withdrawing money at different ATMs.
“The cyber criminals typically create fraudulent copies of legitimate cards by sending stolen card data to co-conspirators who imprint the data on reusable magnetic strip cards, such as gift cards purchased at retail stores. At a pre-determined time, the co-conspirators withdraw account funds from ATMs using these cards,” says the FBI alert.
Krebs says almost all ATM cashout operations are done over the weekend, just after financial institutions begin…
See more at: http://www.asiaone.com/digital/fbi-warns-potential-attacks-atms-around-world-security-blog