forums
new posts
donate
UER Store
events
location db
db map
search
members
faq
terms of service
privacy policy
register
login




UER Forum > Private Boards Index > Tech Talk > New form of electronic Credit Card theft (Viewed 2189 times)
jacunda 


Location: Toledo area
Gender: Male
Total Likes: 12 likes




 |  |  | Yahoo! IM
New form of electronic Credit Card theft
< on 12/3/2010 1:48 PM >
Reply with Quote
Posted on Forum: UER Forum




trent 

I'm Trent! Get Bent!


Location: Drainwhale hunting
Gender: Male
Total Likes: 9 likes


Not on UER anymore.

 |  |  | infinitedecay
Re: New form of electronic Credit Card theft
< Reply # 1 on 12/3/2010 2:32 PM >
Reply with Quote
Posted on Forum: UER Forum
And my bank thought I was weird when I was refusing their their new RFID (or whatever technology it was) chip bank cards.

Seriously, how fucking stupid is it to create a technology not at all quicker than a magnetic strip reader and includes massive security flaws by design. The technology in this applications offers no benefit besides it being 'cool'.

-----

Also, when ever you use an ATM/card reader make sure no one has installed a skimmer over the card reader. Thieves have been stalling mini card readers over the reader which stores your CC# and pin when you swipe the card. Some are 'dumb' and just store your cards information and the ATM appears to not work. Some are better and will still let you use the ATM while still recording your information for the thief to pick up later in the day.

------

I'm a little sketchy on the details, but there is also an old school hack making a resurgence which records the audio of the ATM's card reader head passing over the magnetic strip. The detailed audio recording of this noise can be decoded and converted to text-based CC info.

Oh, there's also been instances of people using mine spy camera's to record the numbers on the card as it gets passed through the reader.

-----

I'm also very hesitant to use very graphical looking ATM's. Usually for the GUI the ATM is running Windows (usually XP). Many ATMS out there don't have their service/admin logons changed from the default and thieves can just google the instruction manual for the default logon codes. If a thief can get in and the thing is running windows, it'd be very easy for a thief to install his own code which logs all transaction and authentication info on the machine itself and then logs in at a later date to download (or heck, maybe even email/transmit over internet/phone) to himself with absolutely no suspicions for the legitimate user to suspect.

----

I've also heard of a few instances of fake ATM's being deployed. Once of these was at a DEFCON conference where in the main foyer someone set up their own ATM which displayed a generic "Unable to complete transaction" or "Machine is empty, Cannot dispense cash, Transaction Cancelled" error after the user swiped their card and entered their pin. Then later the thieves come back with their dolly and all dressed up like fake ATM service people and remove the 'broken' machine for 'repair' (harvesting their info).

-------

My favorite hack though is when someone logs onto the ATM as the admin user (because default codes were never changed) and tells the ATM that all those $20's physically loaded in the machine are actually $5's thus fooling the machine so that anyone withdrawing $20 actually gets $80 yet the bank only sees a transaction for $20. It's easy to get caught though because anyone using the ATM during this span becomes a suspect -- especially if your ATM activity is more than it normally is. The more people who use the machine while it's hacked provide the hacker more cover through # of suspects, but also the more people who use it while it's hacked results in it getting found out much quicker.






Summary: Using ATM's at times can be a serious security risk. And wow. I think I kinda know too many different ways to steal CC info via ATM's.



[last edit 12/3/2010 6:18 PM by trent - edited 3 times]

He who rules the underground, rules the city above.
AnAppleSnail 


Location: Charlotte, NC
Gender: Male
Total Likes: 49 likes


ALL the flashlights!

 |  |  | AIM Message | My Flickr Page
Re: New form of electronic Credit Card theft
< Reply # 2 on 12/3/2010 5:56 PM >
Reply with Quote
Posted on Forum: UER Forum
Posted by trent
And wow. I think I kinda know too many different ways to steal CC info via ATM's.


Knowing the risks is never a bad thing. Usually the people smart enough to know how to mess with ATMs know better [know better scams, that is].




Achievement Unlocked
UER Forum > Private Boards Index > Tech Talk > New form of electronic Credit Card theft (Viewed 2189 times)


Add a poll to this thread



This thread is in a public category, and can't be made private.



All content and images copyright © 2002-2024 UER.CA and respective creators. Graphical Design by Crossfire.
To contact webmaster, or click to email with problems or other questions about this site: UER CONTACT
View Terms of Service | View Privacy Policy | Server colocation provided by Beanfield
This page was generated for you in 108 milliseconds. Since June 23, 2002, a total of 737062660 pages have been generated.