Criminals Stuff Macau ATMs With Malware, Extract Customers’ Money

macao-skimmers-600x376Did you think that tiny Bluetooth ATM skimmers were a terrifying prospect? Two men in Macau are accused of using long strips that look like circuit boards to infect ATMs and digitally extract customers’ card numbers and PINs.

Krebs on Security is the place to learn about scams like these, explaining both the crimes and how they work. In this case, police say that the two suspects aren’t from Macau (a Chinese territory west of Hong Kong) but are from Ukraine. They stole $100,000 by corrupting the automatic tellers.

They allegedly used these green objects, which were connected to a laptop, then inserted them in the card slot. This is the best picture that we have of them so far, but the strips are about as wide as a credit card and maybe five times as long. They resemble a circuit board, but no details on exactly how they were constructed have been made public yet. Obviously.

According to a source at the bank in question, inserting the circuit board card thingy caused the machines to crash and restart, then run normally while slurping up card number and PIN data from customers. The government says that the two suspects returned to the ATM to gather their virtual loot, extracting it from the machine using the same green strip.

It’s almost enough to make a person refuse to withdraw money from anywhere other than a metal box in her backyard. (Not really. Stay out of my backyard.)

Thieves Planted Malware to Hack ATMs [Krebs on Security]