译文:黑客使用信用卡入侵ATM详细报道
在俄罗斯犯罪分子使用恶意软件入侵Opteva自动取款机上的一个或多个企业。这一事件被称为“低技术突破”的骗子完成了“高科技知识安装病毒。”
Diebold已经发布了Opteva ATM的安全补丁后,俄罗斯网络犯罪分子闯入系统在一个或多个企业安装了恶意软件。
Diebold获悉这一事件发生在1月份,Diebold发出了一个全球性安全更新,ATM自动柜员机客户使用的是Windows操作系统。这不是全部发生了什么细节,包括受到了影响的业务,他表示罪犯获得了物理访问该机器并安装他们的恶意程序。
"犯罪分子获得物理访问受影响的自动柜员机"Diebold 说在其安全性更新.“这种犯罪活动造成自动取款机在设备上运作未经授权的软件,用来拦截敏感信息。”
受影响的闯入发生在俄罗斯“一些”的机器,DeAnn Zackeroff公司发言人说。“这起事件是一个低技术突破自动取款机,但他们如何安装病毒是高科技知识”她说。
Diebold没有正式说明犯罪分子怎样能安装软件的到系统上,但他建议客户安全更新,有几个因素会增加患这种破解入侵。这些措施包括使用密码已经失窃;Diebold规定不使用锁定式的Windows版本;或不当配置自动取款机附带的赛门铁克防火墙软件。
在研究样本VirusTotal提交网站,安全厂商至少在2009年11月就公布了已在市面流通的代码。
恶意软件,称为Troj / Skimer - A,可能有内部人员的知识Diebold ATM.一个病毒研究员Vanja Svajcer说,它使用相当多的功能没有记录,该软件取代Diebold文件夹档案,寻找打印屏幕上的数据,扫描在乌克兰的交易,俄罗斯和美国的货币.
Troj / Skimer不象计算机病毒一样扩散,但罪犯已经获得自动取款机内部计算机上安装代码, Svajcer说"你必须物理进入安装恶意软件的机器上",这不是件容易的事。
Sophos公司以前还没有看到这种类型的ATM恶意软件,但网络犯罪分子总是渴望获得支付卡信息,并已在谈日益复杂的技巧,以获取它。
过去几个月中,出现至少两个违反主要的信用卡处理的公司,罪犯已经知道安装信用卡硬件设备盗取银行的支付卡号码,以及微型照相机捕捉密码。
去年秋季,英国的每日电讯报报道说,一个有组织的犯罪集团,篡改数百支付卡扫描器,在移动电话网络发送他们支付卡号码的程序.
“这是另一个例子,越来越多先进水平和侵略的犯罪是跟自动柜员机有关 ”Zackeroff说.
原文:
Criminals used malicious software to hack into Opteva ATMs at one or more businesses in Russia. The incident has been described as a "low-tech break in" to the accomplished by crooks who had "a high-tech knowledge of how to install the virus."
Diebold has released a security fix for its Opteva automated teller machines after cyber criminals apparently broke into the systems at one or more businesses in Russia and installed malicious software.
Diebold learned of the incident in January and sent out a global security update to its ATM customers using the Windows operating system. It is not releasing full details of what happened, including which businesses were affected, but said criminals had gained physical access to the machines to install their malicious program.
"Criminals gained physical access to the inside of the affected ATMs," Diebold said in its security update. "This criminal activity resulted in the operation of unauthorized software and devices on the ATMs, which was used to intercept sensitive information."
The break-in occurred in Russia and affected "a number" of machines, said DeAnn Zackeroff, a company spokeswoman. "The incident was a low-tech break-in to the ATM, but they had a high-tech knowledge of how to install the virus," she said.
Diebold did not say exactly how the criminals were able to install the software on the systems, but its security update advises customers that there are several factors that can increase the risk of such a hack. They include using administrative passwords that have been compromised; not using the locked-down version of Windows that Diebold provides; or misconfiguring the Symantec firewall software that comes with the ATMs.
After studying samples submitted to the VirusTotal Web site, security vendor Sophos reported Tuesday that the code has been in circulation since at least November 2008.
Whoever wrote the malware, called Troj/Skimer-A by Sophos, probably had an insider's knowledge of the Diebold ATMs, said Vanja Svajcer, a Sophos virus researcher. "It uses quite a lot of functions that are not documented," he said. The software replaces files in the Diebold folder, looks for printer and screen data, and scans for transactions in Ukrainian, Russian and U.S. currencies, he said.
Troj/Skimer-A does not spread from computer to computer like a virus, however. The criminals have to gain access to an ATM's internal computer to install the code, Svajcer said. "You have to have physical access to install the malware on the machine, which is not an easy thing to do."
Sophos has not seen this type of ATM malware before, but cyber criminals are always hungry for payment card information and have been turning to increasingly sophisticated tricks in order to get it.
In the past few months there have been breaches at at least two major credit-card processing companies, and criminals have been known to install card skimming hardware on bank machines to steal payment card numbers, along with miniature cameras that capture passwords.
Last fall, the U.K.'s Daily Telegraph newspaper reported that an organized crime syndicate had tampered with hundreds of payment card scanners, programming them to send payment card numbers over mobile-phone networks.
"This is just another example of the growing level of sophistication and aggression when it comes to ATM-related crime," Zackeroff said.
黑客基地编译:http://www.itbusiness.ca/it/client/en/home/News.asp?id=52465&PageMem=2
关键字:黑客
