Info-stealing malware discovered on their Windows-based ATM systems
Experts suspect insider attack...
By Brad Friedman on 3/21/2009, 10:37pm PT  


According to anti-virus provider Sophos – via ITWire – code has been discovered for a piece of malware that targets automated teller machines from US manufacturer Diebold, better known for its range of voting machines.

The code for the software uses undocumented features to create a virtual 'skimmer' which is capable of recording card details and personal identification numbers without the user's knowledge, which suggests that the creator had access to the source code for the ATM. While this doesn't directly point to an inside job, the possibility certainly can't be ruled out.

Sophos believes that the code was intended to be pre-installed by an insider at the factory...

ITWire explains: "It appears to be an inside job, as it uses undocumented functions of the ATM software and appears to use the printer. This suggests the people behind the malware have access to the Diebold software".

"Undocumented functions" just like those found on Diebold voting machines, naturally. And "access to the Diebold software" such as that gained by either a company insider, or someone who happened to find the source-code for Diebold's voting machine software just left by the company, available for download by anyone, on an unprotected Internet site...

A follow-up from SC Magazine offers more details and Diebold has confirmed --- in a letter [PDF] issued along with a security update sent to "Dear Valued Customer" --- that a "physical break-in...affected a number of Diebold automated teller machines (ATMs) in Russia". Those machines were their "Windows®-based ATMs". Not unlike their "Windows-based" voting machines.

In the letter, Diebold also writes, presumably with a straight face [emphasis added]: "This latest offense against Diebold ATMs is another example of the growing level of sophistication and aggression involving ATM-related crime. Security is one of Diebold's absolute priorities and our engineers are working constantly to address emerging ATM security threats."

Seriously, can't somebody finally put this horrible company out of America's (and the world's) misery?!

Recently related:

Not as recently, but still related:

That's not all, of course. We got a million of 'em. But we'll spare you for now. "Security is one of Diebold's absolute priorities." Indeed.

(Hat-tip "TH")