A Russian cybersecurity firm has issued a warning about a spate of remotely coordinated attacks on cash machines.一家俄罗斯网络安全公司日前收到警告称之为,自动取款机于是以受到远程协同反击的威胁。Hacks of banks centralised systems had made groups of machines issue cash simultaneously, a process known as touchless jackpotting, said Group IB.全球网络安全公司Group IB回应,黑客运用一种取名为“自动呼钞”的程序反击银行的中央系统,从而使多台自动取款机同时自动呼经常出现钞。The machines had not been physically tampered with, it said, but money mules had waited to grab the cash.Group IB称之为,这些自动取款机的硬件并没被动过手脚,但“钱骡们”却都趁机借此大炒一笔。
Affected countries are said to include Armenia, Estonia, the Netherlands, Poland, Russia, Spain and the UK.据信这次受害者的国家还包括亚美尼亚、爱沙尼亚、荷兰、波兰、俄罗斯、西班牙和英国。But the company declined to name any specific banks.但Group IB拒绝接受透漏任何被反击银行的名字。
Dmitriy Volkov from Group IB told the BBC a successful attack could net its perpetrators up to $400,000 at a time.Group IB的德米克利.沃尔科夫对BBC说道,一次顺利的反击最少并能犯罪团伙净赚40万美元。We have seen such attacks in Russia since 2013, he said.他说道:“从2013年起,俄罗斯就再次发生过类似于的事件。
”The threat is critical. Attackers get access to an internal banks network and critical information systems. That allows them to rob the bank.“黑客攻击的威胁十分相当严重。罪犯可以白入银行的内部网络以及最重要的信息系统,这让罪犯远程偷窃银行沦为了有可能。”Two cash machine manufacturers, Diebold Nixdorf and NCR Corp, told Reuters they were aware of the threat.自动取款机制造商迪堡多丰和NCR对路透社说道,他们早已意识到了黑客攻击的威胁。
They are taking this to the next level in being able to attack a large number of machines at once, said senior director Nicholas Billett, from Diebold Nixdorf.迪堡多丰的高管尼古拉斯.比利特说:“通过重复使用攻陷大量取款机,黑客攻击早已提高到了一个新的水平。”They know they will be caught fairly quickly, so they stage it in such a way that they can get cash from as many ATMs as they can before they get shut down.“黑客告诉反击迅速就不会被找到,所以他们不会在银行重开入口前,攻陷尽量多的取款机,以榨取巨额现金。”Follow the money“跟踪现金流向”A recent report by Europol warned of the rise of cash-machine-related malware, although it said skimming - using hardware to steal card information at the machine itself - was still more common.欧洲刑警的组织近日的一份报告警告称之为,与取款机涉及的恶意软件的数量正在下降,不过,它也回应,用“读卡器”在取款机上窃取银行卡信息仍是更加广泛的犯罪招数。
The new method is being done by somehow gaining access to the banks central systems and infecting whole communities of ATMs simultaneously, hence multiplying the amount of money that can be stolen in a short time, said Surrey Universitys cybersecurity expert Prof Alan Woodward.萨里大学的网络安全专家艾伦.伍德沃德教授说道:“这种新招数通过白入银行的中央系统,同时操纵大片区域的自动取款机来构建,这样,罪犯在短时间内窃取的现金就能大大增加。”Because criminals were collecting the cash in person, it made the crime more difficult to trace, he added.他还补足道,由于罪犯都是特地来拿钱,增大了跟踪可玩性。The classic way of solving online financial crime is to follow the money - but when you can no longer do this, it is very hard to find out who is behind it, even though the evidence suggests it is a very limited number of groups that have started perpetrating this type of crime.“密码网络金融案件的传统方法是‘跟踪现金流向’——但现在这种方法过热了。即使有证据指出,只有几个团队在远程盗取取款机现金,但你仍很难追查背后的主使者是谁。
本文来源:凯发一触即发(中国区)官方网站-www.0739web.com