恶意软件让多台取款机同时“自动吐钞”

黑客的手段之高越来越令人咋舌，如今黑客居然能够远程攻击银行，让多台取款机同时自动吐钞，犯罪团伙在短时间内就能盗领大量现金。目前受害的国家已包括荷兰、俄罗斯、西班牙、英国等多个国家。

A Russian cybersecurity firm has issued a warning about a spate of remotely coordinated attacks on cash machines.

一家俄罗斯网络安全公司日前发出警告称，自动取款机正受到远程协同攻击的威胁。

Hacks of banks' centralised systems had made groups of machines issue cash simultaneously, a process known as "touchless jackpotting", said Group IB.

全球网络安全公司Group IB表示，黑客运用一种名为“自动吐钞”的程序攻击银行的中央系统，从而使多台自动取款机同时自动吐出现钞。

The machines had not been physically tampered with, it said, but "money mules" had waited to grab the cash.

Group IB称，这些自动取款机的硬件并没有被动过手脚，但“钱骡们”却都伺机从中大捞一笔。

Affected countries are said to include Armenia, Estonia, the Netherlands, Poland, Russia, Spain and the UK.

据称这次受害的国家包括亚美尼亚、爱沙尼亚、荷兰、波兰、俄罗斯、西班牙和英国。

But the company declined to name any specific banks.

但Group IB拒绝透露任何被攻击银行的名字。

Dmitriy Volkov from Group IB told the BBC a successful attack could net its perpetrators up to $400,000 at a time.

Group IB的德米克利•沃尔科夫对BBC说，一次成功的攻击最多可让犯罪团伙净赚40万美元。

"We have seen such attacks in Russia since 2013," he said.

他说：“从2013年起，俄罗斯就发生过类似的事件。”

"The threat is critical. Attackers get access to an internal bank's network and critical information systems. That allows them to rob the bank."

“黑客攻击的威胁十分严重。罪犯可以黑进银行的内部网络以及重要的信息系统，这让罪犯远程抢劫银行成为了可能。”

Two cash machine manufacturers, Diebold Nixdorf and NCR Corp, told Reuters they were aware of the threat.

自动取款机制造商迪堡多富和NCR对路透社说，他们已经意识到了黑客攻击的威胁。

"They are taking this to the next level in being able to attack a large number of machines at once," said senior director Nicholas Billett, from Diebold Nixdorf.

迪堡多富的高管尼古拉斯•比利特说：“通过一次性攻破大量取款机，黑客攻击已然提升到了一个新水平。”

"They know they will be caught fairly quickly, so they stage it in such a way that they can get cash from as many ATMs as they can before they get shut down."

“黑客知道攻击很快就会被发现，所以他们会在银行关闭入口前，攻破尽可能多的取款机，以攫取巨额现金。”

'Follow the money'

“追踪现金流向”

A recent report by Europol warned of the rise of cash-machine-related malware, although it said "skimming" - using hardware to steal card information at the machine itself - was still more common.

欧洲刑警组织近日的一份报告警告称，与取款机相关的恶意软件的数量正在上升，不过，它也表示，用“读卡器”在取款机上盗取银行卡信息仍是更为普遍的犯罪招数。

"The new method is being done by somehow gaining access to the banks' central systems and infecting whole communities of ATMs simultaneously, hence multiplying the amount of money that can be stolen in a short time," said Surrey University's cybersecurity expert Prof Alan Woodward.

萨里大学的网络安全专家艾伦•伍德沃德教授说：“这种新招数通过黑进银行的中央系统，同时操控大片区域的自动取款机来实现，这样，罪犯在短时间内盗取的现金就能大大增加。”

Because criminals were collecting the cash in person, it made the crime more difficult to trace, he added.

他还补充道，由于罪犯都是亲自来拿钱，加大了追踪难度。

"The classic way of solving online financial crime is to 'follow the money' - but when you can no longer do this, it is very hard to find out who is behind it, even though the evidence suggests it is a very limited number of groups that have started perpetrating this type of crime."

“破解网络金融案件的传统方法是‘追踪现金流向’——但现在这种方法失效了。即使有证据表明，只有几个团队在远程窃取取款机现金，但你仍很难查出背后的主使者是谁。”