惡意軟件讓多臺(tái)取款機(jī)同時(shí)“自動(dòng)吐鈔”

A Russian cybersecurity firm has issued a warning about a spate of remotely coordinated attacks on cash machines.

一家俄羅斯網(wǎng)絡(luò)安全公司日前發(fā)出警告稱，自動(dòng)取款機(jī)正受到遠(yuǎn)程協(xié)同攻擊的威脅。

Hacks of banks' centralised systems had made groups of machines issue cash simultaneously, a process known as "touchless jackpotting", said Group IB.

全球網(wǎng)絡(luò)安全公司Group IB表示，黑客運(yùn)用一種名為“自動(dòng)吐鈔”的程序攻擊銀行的中央系統(tǒng)，從而使多臺(tái)自動(dòng)取款機(jī)同時(shí)自動(dòng)吐出現(xiàn)鈔。

The machines had not been physically tampered with, it said, but "money mules" had waited to grab the cash.

Group IB稱，這些自動(dòng)取款機(jī)的硬件并沒有被動(dòng)過手腳，但“錢騾們”卻都伺機(jī)從中大撈一筆。

Affected countries are said to include Armenia, Estonia, the Netherlands, Poland, Russia, Spain and the UK.

據(jù)稱這次受害的國(guó)家包括亞美尼亞、愛沙尼亞、荷蘭、波蘭、俄羅斯、西班牙和英國(guó)。

But the company declined to name any specific banks.

但Group IB拒絕透露任何被攻擊銀行的名字。

Dmitriy Volkov from Group IB told the BBC a successful attack could net its perpetrators up to $400,000 at a time.

Group IB的德米克利•沃爾科夫?qū)BC說，一次成功的攻擊最多可讓犯罪團(tuán)伙凈賺40萬美元。

"We have seen such attacks in Russia since 2013," he said.

他說：“從2013年起，俄羅斯就發(fā)生過類似的事件。”

"The threat is critical. Attackers get access to an internal bank's network and critical information systems. That allows them to rob the bank."

“黑客攻擊的威脅十分嚴(yán)重。罪犯可以黑進(jìn)銀行的內(nèi)部網(wǎng)絡(luò)以及重要的信息系統(tǒng)，這讓罪犯遠(yuǎn)程搶劫銀行成為了可能。”

Two cash machine manufacturers, Diebold Nixdorf and NCR Corp, told Reuters they were aware of the threat.

自動(dòng)取款機(jī)制造商迪堡多富和NCR對(duì)路透社說，他們已經(jīng)意識(shí)到了黑客攻擊的威脅。

"They are taking this to the next level in being able to attack a large number of machines at once," said senior director Nicholas Billett, from Diebold Nixdorf.

迪堡多富的高管尼古拉斯•比利特說：“通過一次性攻破大量取款機(jī)，黑客攻擊已然提升到了一個(gè)新水平。”

"They know they will be caught fairly quickly, so they stage it in such a way that they can get cash from as many ATMs as they can before they get shut down."

“黑客知道攻擊很快就會(huì)被發(fā)現(xiàn)，所以他們會(huì)在銀行關(guān)閉入口前，攻破盡可能多的取款機(jī)，以攫取巨額現(xiàn)金。”

'Follow the money'

“追蹤現(xiàn)金流向”

A recent report by Europol warned of the rise of cash-machine-related malware, although it said "skimming" - using hardware to steal card information at the machine itself - was still more common.

歐洲刑警組織近日的一份報(bào)告警告稱，與取款機(jī)相關(guān)的惡意軟件的數(shù)量正在上升，不過，它也表示，用“讀卡器”在取款機(jī)上盜取銀行卡信息仍是更為普遍的犯罪招數(shù)。

"The new method is being done by somehow gaining access to the banks' central systems and infecting whole communities of ATMs simultaneously, hence multiplying the amount of money that can be stolen in a short time," said Surrey University's cybersecurity expert Prof Alan Woodward.

薩里大學(xué)的網(wǎng)絡(luò)安全專家艾倫•伍德沃德教授說：“這種新招數(shù)通過黑進(jìn)銀行的中央系統(tǒng)，同時(shí)操控大片區(qū)域的自動(dòng)取款機(jī)來實(shí)現(xiàn)，這樣，罪犯在短時(shí)間內(nèi)盜取的現(xiàn)金就能大大增加。”

Because criminals were collecting the cash in person, it made the crime more difficult to trace, he added.

他還補(bǔ)充道，由于罪犯都是親自來拿錢，加大了追蹤難度。

"The classic way of solving online financial crime is to 'follow the money' - but when you can no longer do this, it is very hard to find out who is behind it, even though the evidence suggests it is a very limited number of groups that have started perpetrating this type of crime."

“破解網(wǎng)絡(luò)金融案件的傳統(tǒng)方法是‘追蹤現(xiàn)金流向’——但現(xiàn)在這種方法失效了。即使有證據(jù)表明，只有幾個(gè)團(tuán)隊(duì)在遠(yuǎn)程竊取取款機(jī)現(xiàn)金，但你仍很難查出背后的主使者是誰。”