State Bank of India has well-arranged a forensic audit into an computerized teller machine in Odisha that emitted out cash without any card being swiped at the ATM machine. Also it is said that this sort of behavior has been identified for about 10 cash dispensers around the country of various banks & this one recently behaved in the similar manner.
"Around 10 ATMs have been affected as per preliminary information," said Navroze Dastur, managing director of India and South Asia operations at NCR Corporation, which sells and maintains ATMs.
It was suspected that these are localized hacks on machines running outdated software but don't involve any wider network infections. Experts pointed out that a number of machines are running obsolete Windows XP software, which Microsoft has stopped updating.
A top executive at an ATM deployment conveyed that "Banks mostly do not service and update these machines on time, which makes them vulnerable to highly sophisticated attacks as fraudsters use the most advanced technology available."
"A forensic audit is currently underway and we are trying to understand whether a software malfunction caused the glitch in its systems. Typically, an audit takes around four to six weeks to be completed we should get the report within the end of this month." said a senior State Bank of India official.
Let's see how the ATM was infected:
ATMs may have been subjected to a 'physical' malware attack that involves plugging a device — say a laptop or phone — into the dispenser's USB port to transfer an infected file or virus that causes the machine to behave unpredictably. Initial reports also suggested that the criminals target machines in remote locations that are usually left unguarded, allowing them to open the outer casing to access the USB port. Once infected, the machine can be remotely controlled by a virtual keyboard and instructed to spew out cash. Experts said that there are keys available which allow an ATM to be opened by unauthorized persons as well and then it needs to be connected to a system through a cord to transfer the virus.
No comments:
Post a Comment