Criminals infecting ATMs with virus caught on hot
In Kiev, a criminal group specializing in secretly penetrating into the service parts of ATMs and further infection with malicious software code of the operating system of ATMs was neutralized, which led to unauthorized disbursement of funds. Ukrainian banks were damaged in the amount of more than 5 million hryvnias, and similar cases of infection of ATMs took place on the territory of Lviv and other regions of Ukraine.
The employees of the Department of Cyber Police of the National Police of Ukraine together with the employees of the Carpathian Department of Cyber Police and the Darnitsky UP GUNP (Police Department of the Main Directorate of the National Police) obtained permits for searches at the place of residence, at the places where the virus software was developed and in cars.
And already on May 13, 2016, it was established by operational means that this group of people was preparing for the next infection of an ATM in the territory of the city of Kiev, and it was decided to detain the criminals red-handed.
So, in the city of Kiev on Grishko Street, 6, a series of events were carried out by cyber police officers and four members of the criminal group were detained on a hot one.
6 minute video available:
After carrying out procedural measures at the crime scene, 10 authorized searches were conducted on the territory of the city of Kiev, Kiev and Lviv regions. More than 20 pieces of computer equipment, about 50 bank cards issued both in the names of the defendants and foreign persons were discovered and seized.
In addition, parts of ATMs (displays, receipt printers, cartridges, card readers and hard drives) were seized at the place of residence of detainees. Draft records and bookkeeping confirming illegal activity, POS-terminals, as well as a device for reading / writing technical information on magnetic tapes of bank cards were seized.
Remarkably, two ATMs were seized, which were bought by offenders in order to test the malicious code and improve it. As you can see in the photo above, the ATMs or parts thereof previously belonged to the Ukrainian bank Nadra, in which a banking license was revoked in mid-2015. The property of the bank was sold at electronic auctions in another way. Apparently, the criminals acquired the ATMs of this bank.
All detainees are citizens of Ukraine. One of the attackers comes from the Lviv region, the other from the Lugansk and Dnepropetrovsk regions. Law enforcement authorities suspect detainees of involvement in 30 facts of money thefts throughout Ukraine. Malicious software, according to the Cyber Police, was developed by the attackers themselves. However, I would like to recall a similar situation - the infection of ATMs with viruses and the detention of criminals - it was described by me earlier: The criminals who devastated ATMs using the Tyupkin virus were caught. Then the opinion was voiced that not only Diebold ATMs (in the photo above Wincor Nixdorf ProCash ATM) are vulnerable, and virus software can be sold on clandestine forums. As you can see, this happened in reality.
Source: Department of Cyber Police , Ministry of the Interior
The employees of the Department of Cyber Police of the National Police of Ukraine together with the employees of the Carpathian Department of Cyber Police and the Darnitsky UP GUNP (Police Department of the Main Directorate of the National Police) obtained permits for searches at the place of residence, at the places where the virus software was developed and in cars.
And already on May 13, 2016, it was established by operational means that this group of people was preparing for the next infection of an ATM in the territory of the city of Kiev, and it was decided to detain the criminals red-handed.
So, in the city of Kiev on Grishko Street, 6, a series of events were carried out by cyber police officers and four members of the criminal group were detained on a hot one.
6 minute video available:
After carrying out procedural measures at the crime scene, 10 authorized searches were conducted on the territory of the city of Kiev, Kiev and Lviv regions. More than 20 pieces of computer equipment, about 50 bank cards issued both in the names of the defendants and foreign persons were discovered and seized.
In addition, parts of ATMs (displays, receipt printers, cartridges, card readers and hard drives) were seized at the place of residence of detainees. Draft records and bookkeeping confirming illegal activity, POS-terminals, as well as a device for reading / writing technical information on magnetic tapes of bank cards were seized.
Remarkably, two ATMs were seized, which were bought by offenders in order to test the malicious code and improve it. As you can see in the photo above, the ATMs or parts thereof previously belonged to the Ukrainian bank Nadra, in which a banking license was revoked in mid-2015. The property of the bank was sold at electronic auctions in another way. Apparently, the criminals acquired the ATMs of this bank.
by the way, ATMs
you can still buy now
All detainees are citizens of Ukraine. One of the attackers comes from the Lviv region, the other from the Lugansk and Dnepropetrovsk regions. Law enforcement authorities suspect detainees of involvement in 30 facts of money thefts throughout Ukraine. Malicious software, according to the Cyber Police, was developed by the attackers themselves. However, I would like to recall a similar situation - the infection of ATMs with viruses and the detention of criminals - it was described by me earlier: The criminals who devastated ATMs using the Tyupkin virus were caught. Then the opinion was voiced that not only Diebold ATMs (in the photo above Wincor Nixdorf ProCash ATM) are vulnerable, and virus software can be sold on clandestine forums. As you can see, this happened in reality.
Source: Department of Cyber Police , Ministry of the Interior