黑客在ATM机植入代码取钱 为防黑吃黑设置安全机制

来源:互联网新闻 时间:2020-05-02 14:19

新华网1月2日电 据美国科技博客Gizmodo报道,为了从ATM机里偷钱,罪犯们真是不择手段。有一组研究人员发现又出现了新的手段:黑客使用受感染的优盘直接从ATM里取钱。

德国汉堡的混沌计算机大会上展示了这一现象,BBC的报道说黑客在ATM机上打了一个洞,然后用优盘把代码上传到ATM上。

这组匿名研究人员解释说,这种攻击已经在“欧洲某家银行的取款机”上实现了。最初人们在去年7月发现了这一问题,代码只要安装在机器上就可以多次运行。每次犯罪分子只需要输入12位代码就可以进入定制界面,方便他们取钱。

这款软件被安装在了4台不同的ATM上,犯罪分子可以看到机器里每种面值的纸币各有多少张,可以设定每个面值的纸币取出几张。虽然这听起来没什么用,但是研究人员表示,这可以让犯罪分子击中盗取大面值的钞票,犯罪分子可不想搞得效率低下。

这组黑客代码甚至还有安全机制,也就是说站在取款机旁边的犯罪分子需要从另一个成员那里得到一个数字并输入,才能取出钱来。研究人员表示,这机制先虽然是幕后主使设计的,以避免黑吃黑的情况发生。

显然,这种黑客攻击是很严重的,因为它直接进入了ATM的核心技术,并且需要对系统很熟悉才能完成。往好的方面说,至少这些钱不是从你个人账户里扣除的,而是银行的损失。

译者:林杉

百度新闻与新华网国际频道合作稿件,转载请注明出处。

Crooks Have Been Hacking ATMs With Infected USB Sticks

Criminals will go to all lengths to cheat an ATM out of its cash. But now, a team of researchers has discovered that skimmers may be a thing of the past: crooks have been targeting cash machines directly using infected USB sticks instead.

The findings, presented at the Chaos Computing Congress in Hamburg, Germany and reported by the BBC, show that hackers have to physically cut holes into ATMs, then plug in USB drives that install code onto the cash dispenser.

The team of researchers—who have asked to remain anonymous—explain that the hack has been carried out on an "unnamed European bank\'s cash dispensers." First noticed in July, once the code was installed on an ATM the exploit could be run again again. Each time the criminals simply typed a 12-digit code into the ATM to launch a custom interface, allowing them access to the machine.

The software, which was successfully installed on four different ATMs, then allowed the criminals to see how much money was available in the machine, by denomination, along with options to dispense each kind individually. While that might sound needless, the researchers pointed out that it allowed the crooks to focus on the highest value banknotes. Never let it be said that criminals are inefficient.

There was even a built-in security feature to the hackers\' code, which meant that the criminal at the cash point had to call another gang member for a numerical code to input before they could grab the bank notes. The researchers suggest that it was a mechanism put in place by the mastermind behind the software, to ensure none of his team went rogue.

Clearly, this is big-time hacking, that cuts right to the core of ATM technology and requires deep insight to work properly. On the plus side, at least you can rest easy that it\'s not your account getting hacked—just the bank\'s ATM. [BBC]

世界第一臀 轻松碎马桶外交部发言人谈中日关系未来:对于任何美国德国新加坡政府反对安倍拜鬼“最美浙江人——2013青春领袖评选西湖边小车与公交相撞 坐副驾驶的小女从上海逃来的双胞胎嫌犯在杭州被当街拦各地迎新年习俗:德国人吃鲤鱼 委内瑞贵州省威宁县发生疑似液化气中毒事故已武汉部门一把手进“台”赶考 最怕暗访普京下令全国提升警戒级别辞旧迎新 德国吃鲤鱼意大利跳河俄南极被困船救援等天时 中国直升机将美国股市2013年大涨近三成 获18杭州列出2014年治堵工作计划表 排杭州钱江路延伸线昨开工 城东再添重要杭州人大建议出租车不得买断挂靠和转包浙江出台政策避冤假错案 逮捕要先讯问杭州主城区与余杭区公共自行车系统全面10月11日,国务院总理李克强在泰国中国大妈的2013:钱没赚够 赚足了【你好!2014】奇趣风俗 贺新年全民调显示多数美国人认为2014年经济普京向清洁工一家赠送哈士奇 实现其新严防日本军国主义死灰复燃苹果声明从未与美国国安局合作监控iP中国海军赴地中海为运输叙利亚化学武器舒马赫伤情稍有好转苹果声明从未与国安局合作监控iPho各地迎新年习俗:德国人吃鲤鱼 委内瑞网络盛传的哈佛校训是假的杭州德胜快速路今天10点全线开通(图美国男收到亡妻“催泪礼”德国消费者信心指数创6年多来新高6名北约士兵在阿富汗南部坠机身亡82岁老妇腹腔“石胎” 形成40年未日本拟指礁为岛再演圈海把戏 被指野心欧盟开出史上最大罚单:六金融机构操纵美发动重返亚洲新攻势拜登东亚行预热泰国外交部称32个国家和地区发出赴泰泰国示威者占政府大楼 要英拉下台(高中国申请长期赴英签证个人将被要求进行浙江率先立法护航社会救助 涵盖符合条中国工程技术展在科伦坡举行以促进合作美国拟2015年向7500架无人机开日自负态度让中韩美厌烦 “国际混混”口腔护理有利癌症治疗纽交所黄金期货市场30日交投最活跃的17国诞生音乐试管婴儿 英国宝贝天生日本156名学者成立研究会 呼吁改善美国安局未及时安装防泄密软件 斯诺登