Hackers insert malware onto Thai ATMs, steal 12 million baht
August 28, 2016
Seid Yassin (557 articles)

Hackers insert malware onto Thai ATMs, steal 12 million baht

The central bank of Thailand (BoT) has shut down about half of its ATMs, suspecting an Eastern European gang of being responsible for planting malware on the machines in order to siphon off 12 million baht ($350,000, £263,000).

The Bangkok Post reported on Tuesday that according to the president of the state-run Government Savings Bank (GSB), Chartchai Payuhanaveechai, malware was found on one of three brands of ATMs used by the bank: those from NCR.

The bank said in a press release that it had detected that the NCR machines had been showing problems with missing money.

An initial examination revealed that 960,000 baht had gone missing from five of the automatic teller machines during 1-8 August.

GSB decided to close down all the NCR machines. That amounts to 47%, or around 3,300, of its 7,000 ATMs nationwide, according to the Bangkok Post.

Further investigation revealed that a total of 12 million baht was missing from 21 machines.

Thai police said that some of the machines were spilling out up to 1 million baht at a time.

This particular type of malware reportedly attacks stand-alone machines.

Chartchai said in the press release that the theft wasn’t related to customers’ accounts, nor to their bank balances. He told local media that the cash machines were tampered with to spew out cash: up to 40,000 baht per transaction.

If that sounds familiar, it’s probably because the same thing happened in a $2 million ATM attack in Taiwan last month.

In that attack, neither cloned cards nor stolen PINs were used to drain bank customers’ accounts.

Instead, the crooks allegedly “jackpotted” the ATMs in a series of cardless “transactions.”

Source | nakedsecurity