Hello all.
I've just received this, from a credible source. Apparently, when using a cash machine, several people have had the following happen to them, by a "team" of up to three people. Once at the machine, one of them stands behind the person making the withdrawal or at an alternative machine if two are situated together and waits for them to put their card into the machine and enter their pin number.
Once they have seen the pin number, they are somehow turning the screen off on the cash point. Police have no idea how they are doing this and the banks are also baffled. The machine then appears to the customer as having crashed.
The customer is then entering the bank to report that the machine has crashed and taken their card. As soon as this happens, one of the males is turning the machine screen back on and taking the card. They are then going to the nearest bank and carrying out the maximum withdrawal available.
Please be aware of this and report anyone acting suspiciously around the cash points. If you use a machine and it goes blank, DO NOT LEAVE THE MACHINE. Explain what has happened to someone passing and ask them to enter the bank and explain the situation.
The Police have visited all the banks and a major investigation is underway with their fraud investigators.
Not sure who your credible source is - but I cannot see how this is possible. It used to be possible to disrupt the screens with magnets when they were of the old CRT type (as some still are) but that would only result in image distortion - most are now LCD which are not susceptible to magnetic interference.
To actually interrupt and power cycle a cashpoint (atm) would result it going through it's start up cycle which includes binning any cards/cash in its peripherals as part of this process - this would require huge elctromagnets and alot of power. It is not possible to freeze the machine in mid cycle to resume later as this would corrupt the memory in the process (it requires the memory controller to refresh the memory hundreds of times a second for the contents of the memory not to be lost).
To me it sounds like your being wound up - but if you have more info would be interested to evaluate.
The scallywags have been known to fit a whole dummy ATM on the front of the real one,possibly a thin LCD polarising screen of some kind stuck on top of of the real display,current on screen transparent, current off screen blanks out the display behind. That how I would do it anyway.
More often than not it use to be a mag stripe reader inserted into the front of the card insert and someone observing the pin - but that was to clone the card not to steal the card in the first place.
Trying to clone the whole machine is not unheard of but is impractical - the only times I have known this to be done is someone inserting one into a disused store where there was never one before.
I was nearly done by the Lebanese Loop trick in Covent Garden a few years ago. I put my card into the cash machine, the thing went out of order and shut down keeping my card. Not being one to give up too easily, I fiddled around to see if I could recover my card - it came out, complete with the home made but convincing loop device. A beggar positioned near the machine then quietly pointed out a couple of irate looking blokes whose plan I'd rumbled. I found a couple of police standing around nearby, showed them the device, told them I could point out the culprits and suggested they come down and nick the scumbags concerned. Their disinterest was spectacular and they did nothing.
Well for a while I went round fitting small CCTV cameras inside ATMs looking out,I did not think it a great success all we seemed to get was hours of tape looking up punters nostrils but the Bank security bods seemed impressed with the result,dunno if they still do that,seems to me it would discourage miscreants tampering with the machines if they were informed by a sign that said they could be identified by their noses,honest punters might not like the idea though,so I want you all to forget you read this.
Our bobbies in their usual glory - you should have yelled that they called you a black gay illegal immigrant - they would be down for ten years by now.
Didn't some famous American entertainer get nicked for fitting a CCTV camera that looked up ladies skirts?never been asked to do that yet, was once asked to move a Cam into a ladies trying on room in a clothes store, "they's pinching me frocks" he claimed, told him to **** orf or I would have the law on him. Not only them Lawyers that have ethics yer know.
The top box of an ATM contains all the computery bits. Unlike the money-holding safe beneath, it is unarmoured and not at all secure. A single key fits every NCR ATM top box in the world. There are quite literally millions of those latchkeys in circulation in almost every country around the world. Opening the box does not, in most cases, trigger an alarm or even an event log.
The "core" of the top box is a bog-standard IBM-clone PC. The 9-pin D-type connector in the video cable is absolutely standard. It is trivially simple to disconnect that connector and insert a miscreant's device, such as a simple remote-controlled switch, in the video screen line. Similarly, inserting a switch inline for the card reader is simply a matter of disconnecting a ribbon connector and inserting the device inline.
Total time to insert two such devices would be about ten seconds for a practiced person.
The hardware required is easily available for about £20. It's just the sort of radio controlled gear in the cheapest toy cars/boats/planes.
Well I never! This happened to me two days ago. I was stood at the machine card in started the process and the machine went blank. S**t thinks I, no money away from home, only cashcard, wifey looks impatient from the car I beckon her out (we had parked near the machine), I did the standard pilot thing of just press lots of buttons and thump it when nothing else works another 10 seconds and it comes back on, I press some more buttons now I can see the options, get my card out and walk. Maybe the crims thought with 2 of us there one would stay while I went inside to the bank, so turned it back on to get rid of us.
Low Flier, interesting idea but sounds a little too easy. Wouldn't you at least need access to the ATM's internals before opening the system unit?
I'd struggle to see manufacturer design panels signing off on what you describe, otherwise a competent person could simply insert dataloggers between the PC and the cardreader and keypad, possibly drawing system power and communicating wirelessly with a nearby device.
Lebanese Loop: Yup, also seen that one, in Amsterdam about eight years ago. The sounds and messages didn't seem quite right and behold - an easily removed gadget that made a nice souvenir. But just as Torque Tonight experienced, the local plod could not have cared less.
Wouldn't you at least need access to the ATM's internals before opening the system unit?
Yes, but in many banks the back of the ATM is in plain view and easily accessed by customers. Of course an accomplice or three needs to stand strategically between the back of the machine and the usual security cameras, but most bank cameras are quite openly visible.
Quote:
a competent person could simply insert dataloggers between the PC and the cardreader and keypad,
Inserting a datalogger between the keypad and the core would tell you exactly nothing. The pad is a solid state affair which encrypts the keystrokes in realtime. It's an extremely tough code to break, triple DES if I recall correctly. The core of the ATM hasn't a clue what your PIN is. It simply relays the encrypted version to the bank's server, reencrypted for further security. Even the server doesn't know your PIN. Nobody in your bank knows your PIN and nobody has any way of finding out what it is, even if they have full access to all the bank's computer systems.
The way all these ATM ripoff schemes work is by having someone peer over your shoulder as you type in your PIN.
The Lebanese Loop, by the way, was easily defeated by retrofitting ATMs with a slightly modified card entry bezel. The vulnerable ones were the old flush-mounted bezels, the dark coloured ones. The light coloured ones, almost transparent with the sloping rain deflector at the top, cannot catch and hold the folded 35mm film which was the "Loop", no matter how carefully the edge perforations in the film are cut and folded back.
Of course there is no need to employ these sneaky Eastern European tricks or go to puter college for four years, use the Anglo Saxon method,steal a JCB and just rip buggah out of the wall.
