Security expert reveals the simple but highly effective way ATMs in Thailand were hacked


A security expert has revealed how it took just 5 minutes to hack more than 20 ATMS in Thailand, using a very simple but highly effective technique.

According to an expert from security firm Positive Technologies, hackers were able to simply drill a hole in the front of the ATM to access a USB port that eventually enables them to dispense money from the machine.

The whole process takes no more than five minutes.

Leigh-Anne Galloway, a security expert with Positive Technologies, told the BBC how an attacker can simply drill a hole just below the card reader in order to gain access to the USB port which is located beneath.

Once the USB port is located, which takes no more than one minute, hackers can then install malware onto the system that forces the ATM to dispense money.

Not only that but hackers could also collect data from cards using the same method and withdraw cash from your account without you having any idea.

Ms Galloway explained, somewhat alarmingly, that Windows XP is used to run most ATMs, which are “just a safe with a computer on top”.

“So you could put malware on this system that could collect data from cards as well”, Ms Galloway said.

“So that would be information that’s held on our cards as well. So if I as a consumer am using this machine it could collect my card data”.

“And that could spread around the whole network of ATMs”, she said.

This same technique was used in 2016 to hack ATMs in Thailand belonging to the Government Savings Bank in 2016.

Omsin Bank

Omin Bank ATMs offline after being infected with malware in 2016.

A total of 22 ATMS in Bangkok, Chumphon, Hua Hin, Cha Am, Phuket and Surat Thani were hit, resulting in losses of at least 12 million baht.

At the time, police said those responsible, believed to be a gang from Eastern Europe, had fled the country.

RELATED: How to spot an ATM skimmer so criminals don’t steal your money


Comments are closed.