7월에 대만 제일상업은행에서 사용하는 Wincor PC1500 ATM기를 타겟팅한 신종 악성코드에 의해서 현금 인출사고 발생.
폐쇄망인 ATM에 악성코드를 설치하기 의해서 영국지점에 있는 voice recording server를 침투 한후, atm기기 소프트웨어 패치 솔루션을 이용하여 다 수의 ATM기기 감염 시킨 것으로 알려짐
감염된 ATM기는 윈도우 XP를 사용하고 있으며, 백신은 설치되어 있으나 화이트스트 기반의 프로그램 통제하는 솔루션은 미 설치로 알려 짐.
악성코드 파일명은 실제 ATM기에서 사용하는 프로그램과 동일 프로그램 이름을 사용.
기존 ATM기 현금유출사고는 대부분 인출카드 복제여서 일반 고객이 피해를 입은 반면에 이번은 일반고객피해는 없고 은행의 손실만 발생 함
아래 기사 참고
Taiwan arrests three foreigners in multi-million-dollar ATM cyberheist
MON JUL 18 18:06:13 EST 2016
Email Facebook Twitter WhatsApp
Taiwanese banknotes found in hotel of suspect in ATM heist
PHOTO Banknotes from the $3.4 million cyberheist were found in the hotel room of one of the three suspects arrested
REUTERS: TYRONE SIU
Taiwan has arrested three foreign suspects over a $3.4 million cyberheist which used malware to hack into a major local bank’s ATM network and steal bags of cash.
Criminals used malware to steal millions from 41 Taiwanese ATMs.
Three foreign suspects arrested over heist, but police say 13 others have fled country.
Police say half the stolen money has been recovered.
Major banks have frozen withdrawals from nearly 1,000 ATMS of the kind targeted.
The attack, the first of its kind in Taiwan, targeted the First Commercial Bank’s ATM network last week, using malware to withdraw more than $3.4 million from dozens of machines in three cities.
A Latvian suspect, identified as Andrejs Peregudovs, was arrested by police in the north-eastern county of Yilan after being spotted by an off duty police officer from Taipei who was on holiday in the area.
Two other suspects from Romania and Moldova were arrested at a hotel in Taipei, police said, adding they believed the heist was carried out by a 16-member international crime ring.
“This is the first time that an international team of ATM thieves has committed a crime in Taiwan,” Lee Wen-chang, chief commander of the Criminal Investigation Division, told reporters.
Police have recovered more than half of the stolen money, but warned that 13 of the suspects — including five Russians — had already fled Taiwan after the heist.
“We will continue to search for the rest of the stolen money to let international hackers know that Taiwan is not a crime haven,” the statement said.
Police have sought assistance from both Interpol and Russia’s de facto embassy in Taiwan.
Surveillance images released by the bank showed masked robbers working in two-man teams targeting 41 ATMs belonging to the First Commercial Bank in three cities.
It is not clear how the thieves installed malware on the ATMs, but within five to 10 minutes, the thieves are seen walking away with bags full of stolen cash, the bank said.
Police say they may have used a mobile phone to target the ATMs, and investigators have identified three different malware programmes that were used to trigger withdrawals.
Since discovering the theft, Taiwan’s major state-run banks have frozen withdrawals from nearly 1,000 ATMs of the kind targeted in the heist, which are supplied by Germany’s Wincor Nixdorf.
In May, a gang stole $13 million from Japanese ATMs in a three-hour spree.