Remote ATM Attack Uses SMS To Dispense Cash 150
judgecorp (778838) writes "A newly discovered malware attack uses a smartphone connected to the computer that manages an ATM, and then sends an SMS message to instruct it to dispense cash. The attack was reported by Symantec, and builds on a previous piece of malware called Backdoor.Ploutus. It is being used in actual attacks, and Symantec has demonstrated it with an ATM in its labs, though it is not revealing the brand of the vulnerable machines."
Physical Access = owned (Score:4, Informative)
This is a physical access attack and therefore not very interesting.
To do this you have to cut the ATM open at the point where the computer is installed and attach a smartphone to the USB port (or in older versions, a USB stick, or keyboard). They recommend upgrading the OS and securing the hard drive. How about putting epoxy in the computer's device ports?
Re:HUH? (Score:4, Informative)
"they are not charging you a red cent if they have a theft."
No, they socialize that to the government insurance, which you pay for with your taxes. Banks take zero risk here.
Really? You think when a thief steals $1000 from an ATM that the bank gets paid back by the government? What country do you live in? The government insurance only kicks in when a bank actually fails - then the depositors get the money - not the bank.