The data structure of a SIM card surely isn't that different from the chip on a bank's ATM card. They must have installed a device to intercept the network. Whatever the case, this guy must already know what kind of encryption & comm protocol this bank uses, either the vendor revealed its client list or it's an inside job.
There's an update. The suspects have been revealed, and they are indeed not Malaysians.
KUALA LUMPUR: Police have released photos of several suspects who hacked and withdrew cash from ATMs at branches owned by Affin Bank, Al Rajhi Bank and Bank Islam.
Yesterday, Bukit Aman police promised to bring to justice the hackers who stole about RM 3 million from ATMs in three states in the country.
Police said the suspects hacked the ATMs by inserting a compact disc into the CD-ROM drive found in the ATM.
And there's even a video showing how to hack an ATM.
The problem is there are up to 95% of ATM machines still running on Windows XP. Again, due to cost and profit, banking institutions prefer to close one eye and pretend as if their ATMs were as secured as the Alcatraz. In the case of Malaysian ATM thefts, the Latin Americans could most likely have infected their compact disc with “Backdoor.Padpin” trojan horse. Once the CD is inserted, the ATM reboots and executes the trojan horse.
Whichever the method used, the Latin American gang made one huge mistake – they forgot to erase their foot trail by deleting their trojan from the ATMs hacked and robbed. Perhaps they were too excited and surprised with the lack of banking security in this country. Either way, the fact that no security guard was deployed to these “goldmines” can only mean one thing – the hacking spree is going to continue (*tongue-in-cheek*).
Where exactly did they insert the CD, eh?? And then, even if they forgot to erase their trojan from the ATM, what can the Malaysian police do?? Does the trojan provide a plan for the next target, or where the culprits live, or what??
It's time those in charge at the banks monitored the CCTV 24/7... don't rely on CCTV alone with nobody monitoring it in real time... do it for at least 3-6 months first if you're lazy...
But I don't think every location needs 24 hours... because at certain places the door can't be opened after 12 o'clock and the ATM doesn't work either...
How come this rather contradicts financetwitter's article...
A virus or malware known as Backdoor.Padpin (ulssm.exe) that was used by the Latin American syndicate to steal about RM3 million from ATMs in Selangor, Johor and Malacca over the weekend, is able to delete itself if detected.
Described as a type of Trojan virus, the malware was designed to infiltrate the "back door" of the computer system within the teller machines.
According to a leading Internet security company, Symantec Security, the virus was first detected in May and is known to affect machines running on the Windows XP and Windows 7 operating systems. It also has the ability to delete its own files if it failed to control or dominate the ATM, so as to avoid detection.
It also enables an attacker to use the ATM's PIN pad to submit commands to the Trojan. Once executed, the virus creates the ulssm.exe file, which can be placed in any folder on the compromised computer.
It has been discovered that the Trojan virus runs in the background until a specific code is entered on the ATM's PIN pad.
The Trojan virus was able to open a "back door" on the computer, thus allowing a hacker to make multiple withdrawals from the compromised ATM.
It also is able to select which cassette the ATM dispenses money from, display the cassette information such as number of bills left, including the denomination and total amount per cassette.
It then temporarily disables the local network to avoid triggering alarms when withdrawing money and extend the duration of the session in order to continue stealing money and subsequently delete itself from the compromised ATM.
It was reported yesterday that police identified a Latin American gang to be behind the ATM hacking syndicate that has been stealing money from automated teller machines (ATM) in Selangor, Johor and Malacca.
So far, police said branches of the Affin Bank, Al-Rajhi Bank and Bank Islam have been targeted.
Police today released several images of individuals suspected to be members of the gang and have launched a special operation called Ops Albatross to hunt them down. – September 30, 2014.
To insert the CD you have to open its top... maybe they have a duplicate key... I know because my friend works delivering cash to ATMs...
I think anyone who has ever watched someone open an ATM must know that the CD drive is inside the ATM... that's why I keep wondering where they inserted the CD?? Surely they didn't open up the ATM... if they opened it, why go to all the trouble of hacking and so on... just take the money out from their case lol...
If there really was a CD... most probably it's an insider too, or a tech who handles ATM maintenance... have to ask pang or mukh or jaabil... they're the only ones I know who are experts on ATM matters, because it really is their job lol...
Just found this out... looks like... it's true, 'Aiden Pearce' has left the game and entered the real world...
Connect a mobile phone to the machine with a USB cable and install Ploutus Trojan.
Sends two SMS messages to the mobile phone inside the ATM.
SMS 1 contains a valid activation ID to activate the trojan horse.
SMS 2 contains a valid dispense command to get the money out.
Mobile attached inside the ATM detects valid incoming SMS messages and forwards them to the ATM as a TCP or UDP packet.
Network packet monitor (NPM) module coded in the trojan receives the TCP/UDP packet and if it contains a valid command, it will execute Ploutus.
Amount for cash withdrawal is pre-configured inside the trojan horse itself.
And voila, the hacker can collect cash from the hacked ATM machine.
somewhat related lol...
start at 0:47
Last Edit: Oct 1, 2014 10:36:04 GMT 8 by DarkEmperor
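
Added example, not part of any post in this thread and not code from any vendor: a small triage script for the Backdoor.Padpin behaviours described in the news report quoted earlier (a file named ulssm.exe in any folder, the local network being disabled while cash is dispensed), plus the boot from CD mentioned in the police statement. The log format, event names and sample data are constructed for illustration and are assumptions, not a real ATM log format.

```python
import ntpath
from datetime import datetime

# Constructed sample data in a hypothetical format (assumption, not a vendor format).
FILES = [
    r"C:\Windows\System32\svchost.exe",
    r"C:\ProgramData\Temp\ULSSM.EXE",
]
EVENTS = """\
2014-09-27T02:10:05 BOOT media=cdrom
2014-09-27T02:14:40 LINK down
2014-09-27T02:15:02 DISPENSE cassette=2 notes=40
2014-09-27T02:15:31 DISPENSE cassette=3 notes=40
2014-09-27T02:21:10 LINK up
2014-09-27T09:03:12 DISPENSE cassette=1 notes=5
"""

def find_named_file(paths, name="ulssm.exe"):
    """Match the reported file name in any folder, case-insensitively."""
    # ntpath parses Windows paths correctly even when run on Linux or macOS.
    return [p for p in paths if ntpath.basename(p).lower() == name]

def parse(log):
    """Yield (timestamp, event kind, remaining fields) for each log line."""
    for line in log.splitlines():
        ts, kind, *rest = line.split()
        yield datetime.fromisoformat(ts), kind, rest

def triage(log):
    """Flag boots from CD and any cash dispensed while the network link is down."""
    findings, link_up = [], True
    for ts, kind, rest in parse(log):
        if kind == "BOOT" and "media=cdrom" in rest:
            findings.append((ts, "boot-from-cd"))
        elif kind == "LINK":
            link_up = rest[0] == "up"
        elif kind == "DISPENSE" and not link_up:
            # The host cannot have authorised a withdrawal it never saw.
            findings.append((ts, "offline-dispense " + " ".join(rest)))
    return findings

if __name__ == "__main__":
    print(find_named_file(FILES))
    for ts, what in triage(EVENTS):
        print(ts.isoformat(), what)
```

A file-name match alone is a weak indicator, since the report says the malware can delete its own files; the offline-dispense check does not depend on the file still being present.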