Tag Archive for: Hacking

Jackpotting = Free Cash!? Malware + Hackers

Malware called “Cutlet Maker” is designed to make ATM’s eject all of the money inside them according to a law enforcement official. Thi is called Jackpotting.

“Ho-ho-ho! Let’s make some cutlets today!”

Curlet Maker’s control panel reads the above. It shows cartoon images of a chef and a cheering piece of meat. This means in Russian, a cut of meat. However it also can bean a bundle of cash.

Jackpotting

A joint investigation between our friends over at Motherboard and the German broadcaster Bayerischer Rundfunk (BR) looking into “jackpotting”

A spate of attacks on ATM’s in Germany in 2017 saw thieves make off with more than 1M Euros.

Jackpotting is where cybercriminals use malware or hardware to trick ATM’s into ejecting all of the money inside of them. No need to use a credit card either. They’ll install the malware onto an ATM by prying open a panel and loading it on using a USB stick and USB port.

Although a European non profit said that Jackpotting attacks have decreased, multiple sources tell Motherboard that attacks in other parts of the world have gone up. Such as the US, Latin America and Southeast Asia. Impacting both the banks and ATM manufacturers.

“The U.S. is quite popular,” a source familiar with ATM attacks told Motherboard.

(Motherboard and BR granted multiple sources, including law enforcement officials, anonymity to speak more candidly about sensitive hacking incidents.)

Showing off…

During an annual Black Hat cybersecurity conference in 2010. Late researcher even demonstrated live on stage his own strain of ATM malware. His malware displayed JACKPOT on the ATM as it threw out the cash in a steady stream.

Christoph Hebbecker, a prosecuting attorney for the German state of North Rhine-Westphaila told Motherboard that his office is investigating 10 incidents between February and November 2017. Hackers stole 1.4M Euros, Hebbecker said. He continued that because of the similar nature of all the attacks. He believes that they could be linked to the same criminal gang.

Multiple sources told Motherboard that the attacks in 2017 impacted Santander; two sources said they specifically involved the Wincor 2000xe model of ATM, made by the ATM manufacturer Diebold Nixdorf.

A Santander spokesperson said in an emailed statement to Motherboard,

“Protecting our customers’ information and the integrity of our physical network is at the core of what we do. Our experts are involved at every stage of product development and operations to protect customers and the bank from fraud and cyber threats. This focus on protecting our data and operations prevents us from commenting on specific security issues.”

Furthermore, officials in Berlin, said they had seen at least 36 jackpotting cases since Spring 2018. With 1000’s of Euro’s stolen. Across Germany over the past several years 82 attacks have occured, according to police spokespeople. While not all of them were successful cash outs.

Aging ATM’s

ATM Jackpotting isn’t limited just to a single bank or ATM manufacturer. “You will see this across all vendors; this is not dedicated towards a specific machine, nor towards a specific brand, and definitely not a region,” Redecker said.

A reason for the security issue is that ATM’s, for many of them, are aged Windows computers.

“These are very old, slow machines,” the source familiar with ATM attacks informed Motherboard.

While many ATM manufacturers have made improvements to their devices, it doesn’t mean that all ATM’s will be up to the same standard, Redecker from Diebold Nixdorf stressed.

Furthermore responsibility on securing access to the ATM’s is the banks responsibility too.

“In order to execute a jackpotting attack, you have to have access to the internal components of the ATM. So, preventing that first physical attack on the ATM goes a long way toward preventing the jackpotting attack,” David N. Tente, executive director of USA, Canada & Americas at the ATM Industry Association (ATMIA), said in an email to Motherboard.

Redecker said he’s been witnessing Jackpotting attacks across the globe since 2012. Germany suffered it’s first Jackpotting in Berlin in 2014.

Cheap Software

In 2017, around the same time as the attacks, researchers at Kaspersky, a cybersecurity firm. published research showing Cutlet Maker for sale on hacking forums. It seemed like anyone with the money could buy the software and try Jackpotting for themselves.

“The bad guys are selling these developments [malware] to just anybody….That has enabled smaller outfits or enterprising criminals to start targeting ATMs..Potentially this can affect any country in the world,” David Sancho, senior threat researcher at cybersecurity firm Trend Micro, and who works with Europol on jackpotting research, said to Motherboard.

Motherboard spoke to one cybercriminal claiming to sell the Cutlet Maker malware.

“Yes I’m selling. It costs $1000,” they wrote in an email, adding that they can offer support on how to use the tool as well. The seller provided screenshots of an instruction manual in Russian and English, which steps potential users through how to empty an ATM. Sections of the manual include how to check how many banknotes are inside the ATM, and installing the malware itself.

The European Association for Secure Transactions (EAST), a non-profit that tracks financial fraud, said jackpotting attacks decreased 43 percent over the previous year, in a report published this month. But it’s worth stressing that EAST’s report only covers Europe.

“It happens in parts of the world where they don’t have to tell anybody about it,” the source familiar with ATM attacks added. “It’s increasing, but, again, the biggest problem we’ve got is that nobody wants to report this.”

Heading to the US?

Such a lower barrier of entry into ATM malware, you could argue as being the reason as to why there’s a rise in Jackpotting attacks. While in January of 2018, the secret service began warning financial institutions of potential Jackpotting attacks in the US.
Although those used a different piece of ATM malware called Ploutus.D.

“Globally, our 2019 survey indicates that jackpotting attacks are increasing,” Tente from ATMIA wrote in an email to Motherboard.

As the source familiar with ATM attacks said, “There are attacks happening, but a lot of the time it’s not publicized.”

(VICE)F

Keep up to date with everything How To Kill An Hour by signing up to our newsletter by clicking here!

Let us know what you think of the show by clicking here!

Click here to subscribe to our YouTube Channel to see more amazing ways to kill time!

Follow us on Twitch by clicking here!

UK Email Hacker Trolls US Officials

A British prankster (@SINON_REBORN) has amazingly pranked a number of high level US officials writing to Tom Bossert (Homeland Security Officer) posing as Trump’s son-in-law, Jared Kushner:

Tom, we are arranging a bit of a soirée towards the end of August. It would be great if you could make it, I promise food of at least comparible [sic] quality to that which we ate in Iraq. Should be a great evening.

Bossert:

Thanks, Jared. With a promise like that, I can’t refuse. Also, if you ever need it, my personal email is [redacted]

Scaramucci, was a victim as well with the prankster posing as Priebus.

Fake Priebus:

I had promised myself I would leave my hands mud free, but after reading your tweet today which stated how; “soon we will learn who in the media who has class, and who hasn’t”, has pushed me to this. That tweet was breathtakingly hypocritical, even for you. At no stage have you acted in a way that’s even remotely classy, yet you believe that’s the standard by which everyone should behave towards you? General Kelly will do a fine job. I’ll even admit he will do a better job than me. But the way in which that transition has come about has been diabolical. And hurtful. I don’t expect a reply.

Scaramucci:

You know what you did. We all do. Even today. But rest assured we were prepared. A Man would apologize.

Fake Preibus:

I can’t believe you are questioning my ethics! The so called “Mooch”, who can’t even manage his first week in the White House without leaving upset in his wake. I have nothing to apologize for.

Scaramucci replied:

Read Shakespeare. Particularly Othello. You are right there. My family is fine by the way and will thrive. I know what you did. No more replies from me.
In a follow-up message @SINON_REBORN tweeted but which was not included in the CNN report, the fake Priebus taunted Scaramucci about his “zero dollar pay scale,” adding, “Keep spell checking your press releases, Anthony. It’s me that will be thriving.”

Scaramucci also fell for it again with Sinon this time posing as Jon Huntsman Jr Ambassador to Russia-designate:

Who’s [sic] head should roll first? Maybe I can help things along somewhat

Scaramucci:

Both of them,”

We can only assume he’s referring to Steve Bannon.

SINON_REBORN also posed as Trump’s son Eric in emails to Huntsman:

Thanks for the thoughtful note. Russia will be a challenging but no doubt rewarding assignment.

Fake Eric:

Maybe we could have Dad sat (sic) on a horse, top off, giving the full Putin! He’s in better shape than his suits suggest.

Eric Trump, the real one, was the only one who caught on to the prank and told the prankster  @SINON_REBORN that law enforcement were aware.

 

UK hacker exploits online bank loophole to steal £100,000

A UK hacker has been jailed for stealing almost £100,000 from a bank by exploiting a bug in the bank’s online banking system

A young man from the UK , James Ejankowski, defrauded a bank group of more than £99,000 in December 2016 – he spent the money on a Range Rover, a BMW and… tattoos for his face.

He lied to his family saying he’s won the money on a scratch card, but in reality he had found a loophole in the system; Ejankowski, discovered that if he used the Clydesdale Bank’s online banking software to transfer theoretical funds between his current account and his savings account between midnight and 01:00, the transaction would work and the bank would not find out.

Four weeks after he began stealing the funds, he turned himself in to the police on Boxing Day and made a full admission of guilt, saying he only had £40 left.

The bank has so far been able to recover £34,000 and Ejankowski has been sentenced to 16 months’ imprisonment for fraud.

Watch Dogs 2 Review

Back from the Deadsec Read more

Anonymous War!

Credit: BuisnessInsider

Credit: BuisnessInsider

Whatever you do boys, do not p*ss off Anonymous. They will come for you and they will come HARD! (That does not sound right)

Anonymous have announced a war on international dick-head Donald Trump – again. First time when they posted a message to the candidate in 2015 regarding his comments concerning Muslims.

They hope to bring down many of Trump’s personal and business sites using #OpTrump, but also halt his presidential bid by uncovering and exposing embarrassing information:

”your inconsistent and hateful campaign has not only shocked the United States America, you have shocked the entire planet with your appalling actions and ideas.”

The collective has already posted unverified personal information about Trump and staff, including his social security number.