Skip to main content

Watch out for those handy ATMs


Had a call from an industry pal over the weekend, advising to be careful when using a pub, club or similar `handy' ATM for a cash withdrawal.

Apparently the latest scam is to plug a recording device in between the ATM cable and the BT phone socket (opens in new tab)- yes, incredibly, the machines use an encrypted modem connection - that logs the data exchanged with the bank's EFTPOS network.

Since the data includes the card details, together with the PIN keyed in by the customer, provided the hackers can decrypt the data stream recording, they can clone the card and use it at both chip and PIN, as well as ATMs for cash withdrawals.

Scary stuff.

The worst part about this scam is that my pal says there is a Russian decryption package - known as Bergemot - floating around, that allow the high level encryption stream used by these handy ATMs to be decrypted using a standard PC.

The number crunching involved is quite immense, so the program has to whirr away for several hours, but at the end of the run, the hackers get access to the customer's card details and their PIN.

I have no idea whether this report is a hoax, but it does seem to hold water (opens in new tab), as I examined a Moneybox ATM over the weekend at our local watering hole and, sure enough, it is connected via a bog standard modem cable.

The solution to the problem is quite simple. If you plan on using one of these non-hole-in-the-wall cash machines, check the connection at the wall socket. If the connection looks dodgy, don't use the machine.

Of course, you could plan ahead and use a standard ATM - and also save the cost of using the handy cash machine - but real life doesn't always allow such luxuries...