EMV PCI ATM Industry essential guide

  • Russian tech award winner charged with self-serve machine hack

Smart, yes — but then again, no. The Irkutsk student who took second-place honors in the 2012 All-Russian Information Technologies contest has now been charged with reprogramming a payment kiosk in order to steal the cash it held.

The 19-year-old student reprogrammed the payment kiosk with a software program he devised himself, according to the press service of the Irkutsk region's Ministry of Internal Affairs. Security guards from a nearby shop noticed suspicious activity near the kiosk and alerted the police, who took quick action and arrested the hacker on the spot.

Specialists from Department "K", the computer crimes unit of the Russian Interior Ministry, said that after hacking into the self-service unit, the student commenced sending money to SIM cards that had been registered using fictitious data. He managed to transfer around $2000 before he was apprehended.

Last December in Irkutsk, fraudsters hacked into an ATM, then used their own bill acceptor and a single bill to carry out multiple transactions totalling $300,000. To cover their actions, the thieves used a service card to remove logs from the transactions.

Pavel Efremov, head of technical support and integration at SafenSoft, a provider information security solutions for self-service devices, said that self-service device operators and users should not forget that "basically just a computer," most probably with a Microsoft Windows operating system onboard.

"Such systems have many different vulnerabilities ready for exploiting by anybody with some technical skill and imagination," Efremov said. "You need to defend the system not only against the known malware using the 'black list' and signature scanning technologies; you also need to take unknown malicious code into consideration, especially given that self-service devices cannot update their antivirus databases well.

"Additionally, you need to control the insider activity and external device connections," he said. "Ignore any of these points and you give a cybercriminal an easy way into modifying parts of the software."

Read more about security.

Related Content

User Comments – Give us your opinion!
Products & Services

Modular Thermal Printer - TELPAR MTP 600 Series

http://global.networldalliance.com/new/images/products/Telpar_MTP600.jpg

2404/Modular-Thermal-Printer-TELPAR-MTP-600-Series

Slabb Q5 – Digital Signage

http://global.networldalliance.com/new/images/products/2788.png

2788/Slabb-Q5-Digital-Signage

Holographic Kiosk Topper

http://global.networldalliance.com/new/images/products/5999.png

5999/Holographic-Kiosk-Topper

CUSTOM's TG2480 - Compact kiosk printer

http://global.networldalliance.com/new/images/products/TG2480_100px.jpg

2196/CUSTOM-s-TG2480-Compact-kiosk-printer

Digital Displays

http://global.networldalliance.com/new/images/products/6003.png

6003/Digital-Displays

Correctional Kiosk

http://global.networldalliance.com/new/images/products/6985.png

6985/Correctional-Kiosk

Impulse buying

http://global.networldalliance.com/new/images/products/6645.png

6645/Impulse-buying

TELPAR High Speed Thermal Printer

http://global.networldalliance.com/new/images/products/4338.png

4338/TELPAR-High-Speed-Thermal-Printer

Olea Chicago Kiosk

http://global.networldalliance.com/new/images/products/6301.png

6301/Olea-Chicago-Kiosk

STEGO CS/CSF 060 Kiosk Heaters

http://global.networldalliance.com/new/images/products/6571.png

6571/STEGO-CS-CSF-060-Kiosk-Heaters

PTC Electronics
Telpar
CONNECT 2014 Mobile Innovation Summit
Request Information From Suppliers
Save time looking for suppliers. Complete this form to submit a Request for Information to our entire network of partners.
Ventus