PETALING JAYA, Oct 2 — Local banks whose automated teller machines (ATM) were hacked by a Latin American gang had been warned four months ago to upgrade their cash points to prevent hacking.
NuSource Financial Inc, a US manufacturer of the NCR 5587 ATM, had informed financial institutions their machines were vulnerable to hacking via the “ulssm.exe” malware.
The company had on its website offered options and information on the need for banks to upgrade their system.
“In the banking world where security standards are held highest, an outdated system will leave you and your customers defenceless against criminals in the cyber world,” the posting read.
NuSource also explained the weaknesses of the old operating system on its website.
Sources from a police special investigations team formed to track down the Latin American gang who had hit 18 ATMs in the country with reported losses of RM3.1 million said the thieves took advantage of the unprotected operating system of the machine.
“The NCR 5877 model is an old machine and has not been updated for over five years. It does not have an exterior alarm system on its upper panel, allowing the thieves to open it up to gain access.”
The source said such ATMs were also targeted as they operate on Windows XP.
“Investigations revealed the older operating system is unable to protect the machine and this allows the hacker to reboot the machine by obtaining a temporary password.”
The source said it is important for ATMs to run on the latest operating system such as Windows 7 or 8.
A US-based antivirus firm Symantec in its website said old ATM models that has CD-ROM drives and USB slots at the exterior part could be easily compromised when a virus is uploaded.
On Tuesday, Deputy Home Minister Datuk Seri Wan Junaidi Tuanku Jaafar said the government would ask financial institutions to replace such ATMs.
Bukit Aman Commercial Crimes Investigations Department deputy director said yesterday the suspects hacked into the machines by opening its top panel and inserted a disc to infect it with the virus.
Once the disc was ejected, they would close the panel and their accomplices would withdraw the money by typing codes into the key panel, which they receive through mobile phone.
