Criminals pilfer ATMs with malware infected USB drives

Using just a good old fashioned saw and a USB stick full of malicious software, criminals are able to deplete cash machines of their highest value bills.

Dara Kerr Former senior reporter
Dara Kerr was a senior reporter for CNET covering the on-demand economy and tech culture. She grew up in Colorado, went to school in New York City and can never remember how to pronounce gif.
Dara Kerr
USB drives. CBS Interactive

Robbing ATMs is nothing new. There's the everlasting stick-em-up, the bogus card scheme, ATM phishing, and more. But, it appears new ways are being invented to pull off successful cash machine heists.

It was recently revealed that thieves were able to access loads of ATM money by injecting machines with malware using USB drives, according to the BBC.

These break-ins involved both low- and high-tech techniques. Apparently, the criminals manually cut holes in the machines to plug in USB sticks that then installed malware on the system. Once the machines were infected, the robbers would patch the holes on the dispensers.

When the money first started disappearing from machines in Europe in July, banks were perplexed at how the ATMs were being depleted despite security mechanisms. Surveillance cameras finally were able to capture the criminals' use of USB drives.

According to the BBC, researchers presented the details of the robberies during the recent Chaos Computing Congress in Hamburg, Germany.

These researchers explained that the malware allowed the thieves to create a unique interface on the ATMs by typing in a 12-digit code. This interface allowed for withdrawal and also showed the criminals the amount of money and each bill denomination inside the machines. This meant the thieves could save time by only taking the highest value bills.

It's unclear which banks were hit and how much money the criminals were able to nab.