

ATM Skimmers, Up Close - FSecurePal
http://krebsonsecurity.com/2011/01/atm-skimmers-up-close/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+KrebsOnSecurity+%28Krebs+on+Security%29&utm_content=Google+Reader

======
kondro
These are why all cards (and ATMs) should be smart-cards with asynchronous
encryption.

These cards and readers have existed for years… it's time to upgrade all the
end-user equipment to this new, secure standard.

~~~
pan69
Do banks have a benefit in upgrading? It will cost them a lot of money and at
the end of the day it's not their money thats being stolen. If it was their
money the upgrade would already have happend long ago. I know. I'm a
pessimist.

~~~
kondro
Well, given that here in Australia our banks guarantee all the money stolen
through skimming, then yes, it is in the banks favour to upgrade.

------
whynewsindeed
Yeah. This one's pretty slick. But dude has a bunch more here that are a bit
scarier.

<http://krebsonsecurity.com/all-about-skimmers/>

------
Joakal
I read in the past that the bank ATM security guy says if even a single call
goes to them that there's potential tampering with ATM, they will immediately
shut it down and go down there.

The ATM skimmer described sounds amateurish compared to the wireless skimmers:
[http://www.ctvbc.ctv.ca/servlet/an/local/CTVNews/20100820/bc...](http://www.ctvbc.ctv.ca/servlet/an/local/CTVNews/20100820/bc_pinhole_camera_100820/20100820?hub=BritishColumbiaHome)
Pinhole camera device records pin + Skimmer records card (number or strip?).

<http://www.snopes.com/fraud/atm/atmcamera.asp>

------
RickHull
> _buyers are told to install a hardware driver and software program on their
> Windows PC (both are safe and virus free, trust us!). After that, users are
> instructed to enter the password "0000" when prompted, but this seller
> doesn’t include instructions for changing the default password. It’s nice to
> know that computer crooks make the same flawed security design decisions as
> many mainstream manufacturers of consumer electronics._

It's not too hard to go from ignorance to malice. Imagine hawking these things
and taking 10% off the top, through a backdoor...

------
iwwr
Those things are really scary. Perhaps ATMs should come with a smooth,
polished slot where attachments are hard to conceal.

~~~
PostOnce
You'd then overlay the whole panel, a sheet of polished aluminum with your
hardware behind it placed over top of the original sheet of polished aluminum.

------
jacquesm
I suspect that ATM skimmers will see some nice features in the current
generation of 3D printers.

~~~
duskwuff
No need when you've already got Chinese manufacturers that don't ask
questions. Or whatnot.

