Cyberthieves are now bypassing traditional ATM “skimmers” and wiring directly into a cash machine’s own card-reading hardware through a hidden hole in the ATM, TechCrunch reported on Monday (Dec. 1).
According to the European ATM Security Team (EAST), banks in two European countries recently reported ATM breaches that work like this: Thieves cut a small hole in the front of the ATM near the card reader, at a point normally covered by a decal or sticker. They then insert a wiretapping device through the hole, wire it into the the card reader, and finish up by covering the hole with a new decal. The wiretap device is then removed later by the thieves to harvest card data.
“A tap is attached to the pre-read head or read head of the card reader,” EAST executive director Lachlan Gunn told security researcher Brian Krebs. “The card data is then read through the tap. We still classify it as skimming, but technically the magnetic stripe [on the payment card] is not directly skimmed as the data is intercepted.”
Unlike most skimmers, which either overlay or slide into a card-reading slot, physically connecting to the ATM’s own read head will likely be undetectable, at least without poking at the replacement decal.
With the new wiretap technique, ATM hackers still have to steal PIN codes using hidden cameras, but they’ve become skilled at hiding pinhole cameras on the machines. And even without PINs, the information encoded on the mag stripe by itself can be used successfully with many online merchants.