We’ve previously heard of scammers stealing people’s banking information with ATM skimmer devices that record card number and PIN information and variants that steal that info from gas pumps, but this might be even more disturbing: A Bank of America employee in North Carolina has been charged with installing malware directly into bank ATMs that allowed him to fraudulently withdraw money without a trace.
What’s worse, these alleged thefts could coincide with the beginning of a wave of Eastern European ATM malware, which banking security experts fear may be coming to America:
From Wired‘s Threat Level:
The charges were filed the same day that credit card company Visa warned the banking industry that Eastern European ATM malware recently showed up in America for the first time.
That code, initially spotted last year on some 20 ATMs in Russia and Ukraine, was designed primarily to capture PINs and bank card magstripe data, but also allowed thieves to instruct the machine to eject whatever cash was still in it. At the time, security firm Trustwave warned that the malware was likely headed for ATMs in the United States.
It’s unclear how much Rodney Reed Caverly allegedly stole, apart from its being more than $5,000; reportedly, the fraud only affected the bank and not the bank’s customers. But as a sign of things that may come, the case is a disturbing reminder of how insecure our most sensitive information can be.
(Danger Room via /.)
Published: Apr 9, 2010 05:24 pm