DLSS Posted November 25, 2006 Share Posted November 25, 2006 Techology can always be surprising, if associated with human fantasy..This time we talk about MP3 players. Indeed those cute devices that are commonly used for listening to music have now acquired a new unexpected function: if properly handled they could turn out to be very effective instruments to carry out profitable (but also illegal) activities! Anyway this is not a Zone-H discovery: the idea was exploited by a British man who managed in outwitting British banking security system by using a normal MP3 music player to steal customer’s credit card details by bugging cash machines, the Times-online reported last week . The responsible has been identified as Maxwell Parsons, 41, a well known criminal figure that not only is involved in a series of robberies all around England, but also did he spend 32 months in prison for deception and unlawful interception of a public telecommunications transmission. Anyway, the MP3 technique isn’t his own invention, indeed he learnt how to use it from Malaysian gangs that have widely used this metod for long. But how did this technique work and how did he manage in carrying out the frauds? See Parson's step in the picture on the right. The fraudster recorded data transmitted from common ATM cash machines using MP3 portable music players, and then he converted data to readable numbers using a separate computer programme. “The phone line running from the machine to an ordinary BT white socket was unplugged and a two-way adaptor inserted. The MP3 player was then placed between the ATM machine’s output cable and the phone socket†the Times explains. “The player would record the tones, which resemble the kind of sound emitted by a fax machine. These were then interpreted using a modem line tap, or MLT, acquired from Canada, or passed through a computer software program bought illicitly in Ukraine.†Parson, who was also the key member of a gang that carried out several robberies in few months, used such data to encode and clone a number of credit cards and he purchased a plunder that amounted about to £200.000. The targeted ATM were placed in bars, bingo halls and bowling alleys. The irony in this story is that the man was not arrested during a police operation, but.. for an illegal U-turn that he did driving his car in London! His mistake was that of carrying with him one of his counterfeit credit cards. Once the policeman discovered it, he immediately alerted police headquater that obteined the authorization for a search in paron's house in Manchester. There, police came across 26 bank cards of which 18 were cloned and the rest counterfeit and all the technical equipment necessary to carry out the scam. Justice done: the criminal was caught and his secrets exposed: MP3 music players will be simple music players again.. for the time being. source : http://www.zone-h.org/content/view/14379/31/ Quote Link to comment Share on other sites More sharing options...
uber_tom Posted November 26, 2006 Share Posted November 26, 2006 I never use those ATM's anyway, they usually charge. Good idea though, just goes to show how vulnerable some of the banking systems are. I work in a bank, and my warnings about connecting to the central server through port 23 seem to go unheeded (we share our network with Leeds city council, the largest employer in the city). Quote Link to comment Share on other sites More sharing options...
VaKo Posted November 26, 2006 Share Posted November 26, 2006 I very nearly got the chance to hook a laptop up to one of those things. Shame that fell threw but this is one amazingly cool mod. Quote Link to comment Share on other sites More sharing options...
OtterFox Posted November 26, 2006 Share Posted November 26, 2006 Yep awesome mod but Im never using an ATM machine again. I still don't trust that my computer is secure so I do internet banking via a Linux live CD :) Quote Link to comment Share on other sites More sharing options...
rFayjW98ciLoNQLDZmFRKD Posted November 26, 2006 Share Posted November 26, 2006 What happed to encryption? Quote Link to comment Share on other sites More sharing options...
Jmtyra Posted November 27, 2006 Share Posted November 27, 2006 What happed to encryption? Pfft, over-rated. *grin* Quote Link to comment Share on other sites More sharing options...
Heinzanova Posted November 27, 2006 Share Posted November 27, 2006 What happed to encryption? This is a little in-accurate, or at least here in the US I feel. Typically the transmission (typical by FTC rules) is done with a two way key encryption hand shake. You can read more about it if you down load the user PDFs from the website of the maker of the various ATM machines. Quote Link to comment Share on other sites More sharing options...
anyedie Posted November 28, 2006 Share Posted November 28, 2006 did anyone ever hear how that guy managed to change the atm to spit out $20's as 5's? Quote Link to comment Share on other sites More sharing options...
Heinzanova Posted November 29, 2006 Share Posted November 29, 2006 did anyone ever hear how that guy managed to change the atm to spit out $20's as 5's? This is what it was The guy used the ATM manufacture's default codes (typically triggered by a sequence, and the code is like 0987654321 or 1234567890 while holding down a key by the display) to go into the ATM machine, and tell it that cash tray one was all 5s. Even though it was 20s. So he used his PRE-PAY`d card (this is how he couldnt track him) (prepay credit cards and ATM cards are readily avalible for sale at corner stores and on the web), and withdrew $300... but seing as it thought it had fives in it, it had to spit out 4x the amount... thus he got a bonus 900 from the ATM machine. You can find PDF files describing the manufacture's default codes online in PDF file with some cleaver google searching, seeing as most companies have taken down the files since this happened... ONLY IF YOU WANT TO MAKE SURE THE CASH MACHINE YOU BOUGHT IS SECURE AND THAT YOU HAVE RESET YOUR DEFAULT PASSWORDS... BOTH ADMIN AND THE ATTENDANT PASSCODES!!!! YOU HAVE NO BUSINESS DOWNLOADING AND READING THESE PDF's IF YOU DO NOT OWN THE MACHINE. /end legal notice. Quote Link to comment Share on other sites More sharing options...
Guest ABC Posted December 6, 2006 Share Posted December 6, 2006 I never use those ATM's anyway, they usually charge. since when? the scam about here atm is they fit a small camera facing down on the keypad and watch you type in your pass code, then they nick your card later. Quote Link to comment Share on other sites More sharing options...
cooper Posted December 6, 2006 Share Posted December 6, 2006 I was under the impression that the way this scam works was by glueing a slot over the real slot that seems to blend in well with the actual machine. As you insert your card, it passes through the fake slot which records what's on the magnetic strip. A folder tray or some such on the inside of the machine has a miniature camera aimed at the keypad to fill in the last bit of info you need. It was actually in a CSI episode from a while back. Here in .NL the machine starts by showing you an image of what the machine should look like from the outside in an effort to thwart this attack. Quote Link to comment Share on other sites More sharing options...
Guest ABC Posted December 6, 2006 Share Posted December 6, 2006 lol thats a bit advanced for here, they'll just pickpocket your card ... actually this time of year, three years ago the northmen bank here was robed of over £50 million Quote Link to comment Share on other sites More sharing options...
CaveMan Posted December 7, 2006 Share Posted December 7, 2006 what happened a few months ago is some guys in a 4 wheeler drove through the glass doors of a shopping center threw 4 atm machines into the back drove it got away with half a million in cash Quote Link to comment Share on other sites More sharing options...
uber_tom Posted December 7, 2006 Share Posted December 7, 2006 I never use those ATM's anyway, they usually charge. since when? Well round here all the stand alone ATMS (the ones that connect through phone lines, like the type in the article) tend to charge a transaction fee, usally about 10%. Quote Link to comment Share on other sites More sharing options...
Guest ABC Posted December 7, 2006 Share Posted December 7, 2006 wow, none do here :O Quote Link to comment Share on other sites More sharing options...
moonlit Posted December 7, 2006 Share Posted December 7, 2006 They do in the UK but it depends on which bank you're with. Quote Link to comment Share on other sites More sharing options...
cooper Posted December 7, 2006 Share Posted December 7, 2006 Same here. Taking money out of the machine is free. I do believe a few banks here charge you a small fee (like, a single euro) when you come in to retrieve money, unless it's a large amount that the machine isn't allowed to give out. Also, the most popular way to rob an ATM here is to drive a Shovel (think Bulldozer, but with tractor tires) into the wall of the bank. As a protection measure, they now place the ATMs in locations that don't have a direct path to them for such vehicles, or place large, anchored boulders around the machine. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.