ATM Hackers Caught Following Car Chase And Gun Shots

from the just-like-the-movies dept

A few years back, there were some stories about how some scammers had found online manuals for popular ATMs, which included a default password, which was rarely changed (yes, that's an amazingly stupid design). This meant that it was fairly easy to program the ATM to believe that it held different denomination bills. For example, you could program it to think that it held $5 bills when it actually held $20s -- and then if you took out "$40" you would be given 8 bills -- or $160. Not surprisingly, other hackers have replicated this scam a bunch of times -- aided in large part by ATM owners who still haven't changed the default password.

Still, if you were a scammer pulling such a scam, you might think that it would make sense not to pull it at the same store multiple times. But, that's exactly what two guys did last year, where they tried to hit a local restaurant's ATM for the fourth time. By that point, the manager had been alerted to look out for them, and called the police on them when they came in again. There was a bit of a mess after that, as the manager tried to pull a gun on the scammers, and there was some sort of scuffle, a gunshot, and then a car chase... but eventually the guys were arrested. So, once again: ATM makers: stop offering machines with default passwords. ATM owners: change the default password on your machines. Scammers: don't be so dumb as to try to rip off the same place multiple times (or, maybe that's what we want, since it makes them easier to catch... but it's still dumb).


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Disenfranchised, Mar 10th, 2009 @ 7:26pm

    Rock the vote - tip the vote over

    Are these the same folks who designed the now imfamous voting machines?

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    harls, Mar 10th, 2009 @ 9:24pm

    survival of the fittest

    "Scammers: don't be so dumb as to try to rip off the same place multiple times (or, maybe that's what we want, since it makes them easier to catch... but it's still dumb)."

    The importance of adaption and survival of the fittest applies to criminals just as much as everyone else. I'm sure you're aware of the Darwin Awards.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Mar 11th, 2009 @ 1:26am

    Can't people do this with Coca-Cola vending machines, and would there be a car chase?

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Michael Kohne, Mar 11th, 2009 @ 3:12am

    Every industry

    This same sort of problem crops up in every industry. There have been a number of cases of default passwords on gas pumps. If a scammer gets a copy of the key, and uses the default password, he can get free gas by direct programming of the pump.

    No one ever seems to learn.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Jamie, Mar 11th, 2009 @ 4:13am

    Stupid ATM owner

    Not to diminish the stupidity of the criminals, but after the first time the ATM got hit, you would think that the password would have been changed right then.
    Seriously, the ATM owner should have been smart enough to change it after getting scammed the first time.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    MeAndOnlyMe, Mar 11th, 2009 @ 7:15am

    Jamie, I concur

    Jamie is right on track with my thoughts. The FIRST time a hacker did this to an ATM, why didn't the ATM owner just change the password so no more hacks could take place?

    I say the dumb one is the ATM owner, not necessarily the crook.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Dan, Mar 11th, 2009 @ 8:35am

    Are you helping criminals?

    Are you "Aiding and Abetting"?

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Neil (SM), Mar 11th, 2009 @ 8:37am

    One thing that doesn't make sense.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Neil (SM), Mar 11th, 2009 @ 8:40am

    One thing that doesn't make sense.

    Oops, I hit return to early and may have submitted a blank comment. Apologies.

    Anyway, I'm assuming they used their own ATM card after reprogramming the machine? I suppose they could have used a stolen card, but if they had a stolen card that worked, probably no need to reprogram the machine (other than to get around a daily limit I guess).

    So shouldn't it have been fairly easy to discover the identity of the thieves from the records of ATM card they used?

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    simon, Mar 11th, 2009 @ 11:08am

    Re: One thing that doesn't make sense.

    it makes perfect sense

    1 we see here ATM owners using default password, not changing-it and just waiting to shoot the thieves...

    do you think they use brain power there ?

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    alex, Mar 11th, 2009 @ 12:31pm

    R u guys coming from some fancy university?

    It is all about of balancing numbers/risk: what is the difference between the guy who steal n the one who has to go to fix the machine?
    A. very Lil from the boss point of view: both are hackers, one somehow crooked, the other somehow honest...if the honest decide to take the boss for a ride..BIg mess! and who gave him the key? plus a fix rate for every machine recoded plus mileage..conclusion the machines STILL have the default code IF the losses are no so great.. and they are not mostly...end of the story.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    VRP, Mar 11th, 2009 @ 1:13pm

    Re: Stupid ATM owner

    Then you must think the ATM machine somehow advised its owner how the thieves gained their access! I doubt its screen displayed such announcement ("default pwd [123456] was used").

    VRP

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This