ATM Skimmers in the Wild

[Sir]

It is estimated that annual losses from ATM fraud totaled about $1 billion in 2008, or about $350,000 each day. Card skimming, where one affixes a bogus card reader on top of the real reader, accounts for more than 80 percent of ATM fraud worldwide.

Below are some pictures and descriptions of a few skimmers found in the wild:

A skimmer that easily fits over the card reader slot.

A skimming panel that fits entirely over an ATM console.

An overlay used to capture PIN. Attached and detached.

A closeup and inside picture of a removed skimmer.

This one was found at a bank that requires the customer to swipe the card before entering the lobby. As you can see it isn't as sneaky as some of the others lol.

Another PIN pad capture device pulled back to reveal legitimate console and numbers.

Very sneaky .

By the end of 2004 it was reported that 70% of all new ATMs shipped worldwide were Windows based systems.

Now, with the turn to 2010 in our wake, it is estimated that over 90% of all ATMs operating today are doing so on a variation of Windows.


Hope to inspire some talk of ATMS and skimming logistics in this thread. Cheers.


Edit: if you like my post a +rep would be some encouragement -__-

 

[R$4]

nice post

 

[Templar]

Way better decrypting the log files, than skimming ATMs these days. That's so old skool

If anyone has insider access to any atm, let me know.

 

[bornkill3r]

Templar you can give your ICQ number, maybe I got something for you..

 

[code]

Can any one advice wher to buy skimmer/ Pm me

 

[The Dream]

Way better decrypting the log files, than skimming ATMs these days. That's so old skool

If anyone has insider access to any atm, let me know.

so do you mean, you can decrypt 3DES?

 

[c0lb4rt]

@Templar if you have the resources to use them, much better indeed.

@the dream, sounds a lil far fetched, right?

 

[The Dream]

@the dream, sounds a lil far fetched, right?

In my opinion, who can decrypt 3des, will not advertise himself online. watch out for fbi, or delete your post, Templar.

 

[Templar]

3Des keys + log files = smart money.

FBI? the last time I checked, all it takes is a llittle uploading of the above data. where is the connection?

PayPal with what you 'know', bud... drops.

 

[The Dream]

FBI? the last time I checked, all it takes is a llittle uploading of the above data. where is the connection?

PayPal with what you 'know', bud... drops.

I say lol. .. A big fat lol....

 

[Templar]

The Dream?! just LOL?

C'mon man! you hurt my feelings with just an LOL...lol! =))

 

[Sir]

i remember hearing about malware being a high threat to ATM security. makes sense considering they are mostly using windows. it would require somebody on the inside, no? somebody with internal access to install it on the machine? then all thats really needed to compromise it would be a control card that activates the malware and gives access via a custom interface that was built. i believe the system ejects the PIN blocks onto a receipt to be decrypted in some way.

 

[kalashcc]

Old crap.

 

[axelevents]

Old crap.

what old crap iam not getting ur point kalash u mean to say u have a better way then all the above methods

i dont think so........

then why dont u post it or pm me.....

 

[ShoulderSurfer420]

NOT OLD CRAP

OLD GOLD!!!

If it ain't broken--don't fix it. atm skimming - only thing that changed is the public is slightly more aware...

 

[rickard]

I want some of that "old crap" lol

 

[EL FENIX]

jeje

Interesting

Not old crap. Very profitable crap Many talk the walk, few are capable of doing what they say...

Possible can buy/arrange and install ATM in busy profitable location and run it for half a year or more before pulling out ?

Check you PM

 

[Skimmer4Sale]

The point is not them to be crap or gold the point is they are really "old"

 

[Jobosick]

Does anybody know where i can rent an skimmer? tell me guys

 

[capac]

To install shit in atm's not need insider... to log atm not need insider... this can be done remotely (i already did and get tracks+pinblocks...) the insider is needed just to have the key string...... to de-3des the pinblocks...
so the insider is NOT somebody that can "only" open the machine and have fisical access BUT somebody that KNOW the private key.... ....after the "CRASH" this "somebody" will be investigated.... his fones listened etc etc.... be carefull of what doing, is nt so simple to do safetly!

i remember hearing about malware being a high threat to ATM security. makes sense considering they are mostly using windows. it would require somebody on the inside, no? somebody with internal access to install it on the machine? then all thats really needed to compromise it would be a control card that activates the malware and gives access via a custom interface that was built. i believe the system ejects the PIN blocks onto a receipt to be decrypted in some way.