`


THERE IS NO GOD EXCEPT ALLAH
read:
MALAYSIA Tanah Tumpah Darahku

LOVE MALAYSIA!!!


 


Thursday, October 2, 2014

Only one type of ATM targeted

The machines are the kind that can be peeled open at the rear to allow access to the system.
ATM300PETALING JAYA: Banks need to replace only one type of automatic teller machines (ATM) to prevent the kind of theft committed by the Latin American gang last week, according to Deputy Home Minister Wan Junaidi Tuanku Jaafar.
He said the targeted machines were of the type that could be peeled open at the rear to allow someone to insert a disc to hack into the system. He declined to give more details, citing security concerns.
“Banks have been advised to upgrade their ATMs yearly following a spate of hacking cases,” he told reporters here.
Wan Junaidi advised banks not to look only at profits but to also invest in security.
Dismissing concerns that last week’s heist represented a national threat, Wan Junaidi said police were working closely with the Immigration Department to locate the hackers.
“We are confident that the suspects are still in Malaysia,” he said.
A cybercrime expert told FMT it appeared that the hacked machines came from a single manufacturer.
“The culprits may have got hold of the master key of that particular brand,” he said.
“They would need the master key to gain access to the inner motherboard of the machine, which is similar to a PC. Having gained entry, they will then be able to install the malware and gain access to the server.”
The expert said there were many ways to breach the ATM machine’s system but the modus operandi was the same. “Once they get into the server, they can remotely control the machine and do whatever they want it to do.
“A lot of the machines run Windows XP, which Microsoft has stopped supporting.
“Many ATM machines do not use technology like PKI (public key infrastructure). As long as the transaction ID and ATM ID are correct, the machine will accept the access.”
He said there was a 50:50 chance that bank “insiders” were involved in the hacking.
“The hackers know which ATM machines are not well guarded at times. Either they have done their observation of the in-house routine or they have had inside intervention.
“They could have just created a generic malware and use it to attack the machines.”

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.