Features Podcasts Family Video Comics Music Tech Science Books Film & TV Games ✚

Jill

Coordinated multinational ATM fraud nets $13M in one night

Cory Doctorow at 7:07 am Fri, Aug 26, 2011

— FEATURED —

Book Review

The Man Who Laughs: grotesque Victor Hugo potboiler was the basis for The Joker

Feature

Eurovision 2013: An American in London

Book Review

The Twelve-Fingered Boy - mesmerizing YA horror novel

— FOLLOW US —

Boing Boing is on Twitter and Facebook. Subscribe to our RSS feed or daily email.

 

— POLICIES —

Except where indicated, Boing Boing is licensed under a Creative Commons License permitting non-commercial sharing with attribution

 

— FONTS —

Tweet
Kindle
Crooks who compromised Fidelity National Information Services's prepaid debit card database were able to draw out $13 million in one night, working with co-conspirators in several countries in one weekend night, after the banks had closed:
Apparently, the crooks were able to drastically increase or eliminate the withdrawal limits for 22 prepaid cards that they had obtained. The fraudsters then cloned the prepaid cards, and distributed them to co-conspirators in several major cities across Europe, Russia and Ukraine.

Sources say the thieves waited until the close of business in the United States on Saturday, March 5, 2011, to launch their attack. Working into Sunday evening, conspirators in Greece, Russia, Spain, Sweden, Ukraine and the United Kingdom used the cloned cards to withdraw cash from dozens of ATMs. Armed with unauthorized access to FIS’s card platform, the crooks were able to reload the cards remotely when the cash withdrawals brought their balances close to zero.

Coordinated ATM Heist Nets Thieves $13M

(Image: ATM in a cage, a Creative Commons Attribution Share-Alike (2.0) image from yuval_y's photostream)

I write books. My latest is a YA science fiction novel called Homeland (it's the sequel to Little Brother). More books: Rapture of the Nerds (a novel, with Charlie Stross); With a Little Help (short stories); and The Great Big Beautiful Tomorrow (novella and nonfic). I speak all over the place and I tweet and tumble, too.

MORE:  atm • Conspiracy • crime • finance • International

More at Boing Boing

Eurovision 2013: An American in London

The technology that links taxonomy and Star Trek

  • Steve Mayne

    To quote John Connor in Terminator 2: “Easy money.”

  • Fernando Montelbon

    Sometimes you’ve just got to be impressed. 

  • zikman

    man… I want some.

  • Michael Polo

    The fact that they didn’t have any auditing/flagging software in place, and/or they have no one watching things closely on the weekend is shameful. Why not just leave the vault open over lunch hour?

    • cservant

      I suspect it’s coding hell if you want to implement something like that.  I don’t know much about multinational ATM networks, but I’ve seen coding for credit card networks.  

      You have to jump through a lot of hoops just to do something simple as in check if this credit card has sufficient funds, validate card(no not just validate the number!).  It’s all propriety libraries and different hell pending on which network you choose.  Reason for that is security and instruction build up over the years.

      • dhoskins

        Wouldn’t it be easy enough to keep local information on how much the last card number has withdrawn, and keep a limit on payouts? They won’t have to dial out, just know the number.

  • Nadreck

    I wonder if that network is still using triple-DES encryption?  That’s getting kind of old and there are probably a lot of custom DES cracking chips out on the Black Market now.

  • http://twitter.com/ScytheNoire ScytheNoire

    Banks – Either they let you get ripped off, or they are ripping you off. That mattress is starting to look like a much smarter choice.

  • http://pulse.yahoo.com/_BOOM27DBLMZQIJVK4BQLE7K5YA Nagurski

    In Russia, you defraud bank.

  • Nikolaj Mariager

    I wonder why it doesn’t check location. I mean, there’s no way you could make a withdrawal on two sides of the planet in a few minutes.

  • http://redesigned.com redesigned

    scary thought, but does anyone know if atm machines record the serial number (or whatever it is called) of bills they dispense linked to the accounts they came from?  that would be a real eye opener for thieves and people that use cash for other less then legal transactions…

  • tubacat

    This reminds me of when ATMs were first introduced in England, around 1977 or 78. The way they worked (at first) was: you put your card in the machine and it spit out 10 pounds. Then you could do it again. And again. And again. Until the machine ran out. Only lasted a very short time…

  • http://omarc.me/ Omar Chatriwala

    Thieves? Co-conspirators? How can this not be called clear evidence of organized crime on a global scale?

  • http://pulse.yahoo.com/_OAUXAA362EXWLYVMPJOKLFB5JQ Incipient Madness

    Scary thing is that a scam like this involved possibly a hundred people. That will be its undoing. The more people involved the more likely people get caught.

    That’s one way to know the moon landings were real.