Targeted Hacking

Targeted Hacking

August 4, 2009.

Fraudsters who rigged ATM machines at hotel venues in Las Vegas last week appeared to be targeting their "white hat" colleagues in the business on one incident, where the venue was the scene of the Black Hat USA and Defcon hacker conference. reports that a malicious ATM kiosk was positioned in the conference centre of the Riviera Hotel Casino, capturing data from an unknown number of hackers attending the conference before someone became suspicious.

An organiser for the conference said security authorities seized the device, but little information on its nature has been released. Witnesses said the kiosk was well-placed to avoid surveillance cameras.

"In any casino anything that is considered that high-value has a camera," said Brian Markus, CEO of Aries Security who saw the machine, "They placed it where there were no hotel cameras visibly watching that exact spot."

Markus said it was clear to him the ATM was fake when he looked at the smoked glass on the front of the machine. When he beamed a flashlight through the glass, instead of seeing a camera behind it, he saw that a PC had been set up to siphon card data.

The ATM had been placed right outside the hotel's security office.

Over at the Rio All-Suite Hotel & Casino a more conventional ATM modus operandi was in place, widepread press reports indicate. The U.S. Secret Service is apparently investigating this major ATM hack that stole money from users' bank accounts from multiple machines.

The ATM scam first came to light when security researcher Chris Paget lost $200 to an ATM machine over the weekend at the hotel. Paget, who kept a running log of the events on his Twitter feed, alerted authorities after the machine took his credentials and debited his account, but didn't spit out any cash. He said in his Twitter feed that he met other visitors who had lost money in a similar fashion, one of them reporting a loss of $1 000.

Paget was able to cancel his ATM card and reverse the transaction through his bank, he tweeted.

Again, little firm information had been released by investigators, and it herefore not clear whether the machines were rigged with malware or card skimmers.

Paget opined to reporters that the scam could be an inside job of some sort. "I believe it was either malware or an inside job - there were no visible skimmers," he said in an interview. "The machine was operating perfectly - it answered all the steps, and you could even hear the gears whirring when it was supposed to dispense the cash."

But given that Paget was unable to examine the machines closely, he says for now it's all "speculation."

Mentioned in this article