August 4, 2022

MITM attack on the ATM. Hacking and withdrawal of cash.

In view of increasing incidents of Man in the Middle (MiTM) attacks on ATMs, all banks have been asked to enhance their safety norms for ATMs through end-to-end encryption in the network, officials said.

In a recent communication to all banks, the central government said that MiTM attacks, in which messages sent by the 'ATM Switch' to the 'ATM Host' are altered by attackers to withdraw cash fraudulently, have been increasing.

Investigations by security agencies have found that cyber fraud gangs have started adopting a new modus operandi to withdraw money from ATMs, a security official aware of such incidents said.

According to the investigators, the fraudsters first tamper with the network (LAN) cable of the ATM. Declined messages from 'ATM Switch' are altered to successful cash withdrawal transaction responses, and subsequently cash is withdrawn from the ATM.

The attacker first inserts a device between the ATM machine and the router or switch in the ATM premises.

This device can modify the responses coming back from the authorization host (ATM Switch), which is connected to the ATM over the network. The attacker then uses restricted cards (or blocked cards) to submit a withdrawal request.

When the 'ATM Switch' sends a declined message, the attacker in the middle alters the response to approve the transaction and subsequently withdraws cash, the official

In view of this modus operandi, the banks have been directed to ensure end-to-end encryption in the communication between the 'ATM Terminal' or PC and the 'ATM Switch', another official said.

Network cables and input/output ports within the ATM premises should be concealed and physically secured or protected, the banks have been told.
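The fraud described above works only if the ATM accepts a response it cannot authenticate. The sketch below is an added example, not code from the article or from any bank or vendor: it shows the integrity half of end-to-end protection, with the terminal refusing to dispense unless the response carries a valid MAC bound to its own request. The pre-shared key, the per-request nonce, the field names and the response codes are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import os

APPROVED = "00"  # assumed response code meaning "approved" (constructed value)


def _tag(key: bytes, nonce: bytes, body: bytes) -> bytes:
    # The nonce is fixed-length (16 bytes), so nonce || body is unambiguous.
    return hmac.new(key, nonce + body, hashlib.sha256).hexdigest().encode()


def sign_response(key: bytes, request_nonce: bytes, response: dict) -> dict:
    """Switch side: serialise the response and MAC it together with the
    nonce the terminal sent in its request."""
    body = json.dumps(response, sort_keys=True)
    return {"body": body, "tag": _tag(key, request_nonce, body.encode()).decode()}


def verify_response(key: bytes, request_nonce: bytes, wire: dict):
    """Terminal side: return the parsed response, or None if the message
    was altered in transit or belongs to a different request."""
    body = str(wire.get("body", "")).encode()
    received = str(wire.get("tag", "")).encode()
    if not hmac.compare_digest(_tag(key, request_nonce, body), received):
        return None
    return json.loads(body)


def dispense_allowed(key: bytes, request_nonce: bytes, wire: dict) -> bool:
    """Fail closed: cash is released only for an authentic approval."""
    response = verify_response(key, request_nonce, wire)
    return response is not None and response.get("code") == APPROVED


if __name__ == "__main__":
    key, nonce = os.urandom(32), os.urandom(16)  # constructed sample values
    declined = sign_response(key, nonce, {"code": "05", "amount": 10000})
    # A device on the LAN cable rewrites the decline into an approval.
    altered = dict(declined, body=declined["body"].replace('"05"', '"00"'))
    print("declined, untouched:", dispense_allowed(key, nonce, declined))
    print("declined, altered  :", dispense_allowed(key, nonce, altered))
```

Binding the MAC to the request nonce also stops a previously captured genuine approval from being replayed against a later request.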
