Reverse ATM Fraud: How It Works

Uploaded on 2015-12-04 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

ATM%20Side%20Bar.jpgSource: www.alliedmarketresearch.com

Russian hackers have adopted a new technique, dubbed Reverse ATM Attack to steal Millions of dollars from ATMs of financial institutions.

According to the experts at security firm GroupIB, the Reverse ATM Attack allowed criminal rings in Russia to steal 252 Million Rubles (roughly US$3.8 Million) from at least five different banks.

The experts provided a detailed description of the Reverse ATM Attack. The attacker would deposit sums of 5,000, 10,000 and 30,000 Rubles into legitimate bank accounts using ATMs, and immediately withdraw the same amounts of money accompanied by a printed receipt of the payment transaction. At this point the hackers send the details included in the receipt, including the payment reference number and the amount withdrawn, to a partner who had remote access to the infected POS terminals. Usually the partner is an individual located outside of Russia.

The partner hacker would then use the details on the receipt to perform a reversal operation on a POS terminal that would lead them into believing that the withdrawals were cancelled, thereby tricking thousands of point-of-sale (POS) terminals in the US and in the Czech Republic.

From the perspective of the bank, it would appear the attempt to withdraw cash was failing, a circumstance that for example occurs when the bank account has insufficient funds.

The cash out process is made through a global “money mule” network that will transfer the money to the attacker’s bank account.

Security Affairs: http://bit.ly/1lTGhS2  Sky: http://bit.ly/1PLwjys  Securelist: http://bit.ly/1XamtFf

« ISIS Video Threatens US Capital
IBM's CEO On Hackers: 'Cyber Crime Is The Greatest Threat To Every Company In The World' »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Information Security Research Association (ISRA)

Information Security Research Association (ISRA)

ISRA is a non-profit organization focused on various aspects of Information Security including security research and cyber security awareness activities.

InteliSecure

InteliSecure

InteliSecure offer Professional Services, Security Assessments and Managed Services for data and threat protection.

PCI Compliance Guide

PCI Compliance Guide

The PCI Compliance Guide is one of the leading educational websites available focused exclusively on PCI compliance.

Celestya

Celestya

Celestya is dedicated to providing the most advanced and cost effective systems for human behavior education on cybersecurity awareness training.

Futurex

Futurex

Futurex is a globally recognized provider of enterprise-class data encryption solutions.

Zerocopter

Zerocopter

Zerocopter enables you to confidently leverage the skills of the world's most knowledgable ethical hackers to secure your applications.

Awake Security

Awake Security

Awake Security offer a security solution built on an AI platform that acts like the human brain to sense, detect, and respond to threats you may not even know exist.

Wise-Mon

Wise-Mon

Wise-Mon is expert in its field of network monitoring and control. We give solutions to huge organizations with tens of thousands of ports, as well as small companies with one switch.

Ecubel

Ecubel

Ecubel is the market leader in Belgium in buying and selling used IT harware guaranteed by a certified data erasure.

Responsible Cyber

Responsible Cyber

Protect yourself with Responsible Cyber’s 360° platform, IMMUNE, arming you with comprehensive support for your business.

AML Global Solutions (AMLGS)

AML Global Solutions (AMLGS)

AMLGS delivers Financial Crime prevention training programmes and consultancy services encompassing Anti-Money Laundering (AML), Counter Terrorism Financing (CTF), Bribery & Corruption and Fraud.

Trusted Technologies and Solutions (TTS)

Trusted Technologies and Solutions (TTS)

TTS is a security consulting company specialised on business continuity and crisis management, information security management, information risk management and identity and access management.

Park Place Technologies

Park Place Technologies

Park Place Technologies' mission is to drive uptime, performance and value for critical IT infrastructure.

NorthRow

NorthRow

NorthRow provides digital transformation compliance solutions to help businesses manage regulatory and financial crime risks.

Fibernet

Fibernet

Fibernet's innovative solutions in the fields of cybersecurity and fiber optics range from telecommunications infrastructure to small business cybersecurity.

Network Contagion Research Institute (NCRI)

Network Contagion Research Institute (NCRI)

NCRI provides pioneering technology, research, and analysis to identify and forecast cyber-social threats targeting individuals, organizations, and communities.