KOLKATA: Man in the Middle (MiTM) ATM hacking where cyber fraudsters covertly intercept the two-way encrypted messaging and information transfer involving an ATM and its own bank servers and control it into prompt ATMs to cash have struck Kolkata for the first time, authorities said on Saturday.
The lender or its clients don’t shed money in these types of cyber-attacks, however the ATMs run of money.
The highly complex cyber-attacks are formally reported by three ATMs from Jadavpur, Cossipore along with New Market where ATMs have dispensed about Rs 40-lakh money.
Detectives suspect a number of ATMs, that haven’t upgraded their working systems, might have been struck and the declines can encounter crores.
According to sources, the strikes in Kolkata ATMs are orchestrated reportedly by two individuals — that were captured in CCTV footages — between May 14 and 22.
These men, authorities suspect, are all runners.
CCTV footages also reveal them launching the ATM control panel and adding a”black box” similar to apparatus.
They appear to have added cardsstayed for approximately 30 minutes in an hourand walked off after pocketing the stolen money.
According to researchers, preliminary research suggests that the pathways involving the ATM switch (the control panel at the ATM) and also the lender servers are broken up in two manners.
Initially, the fraudsters have put up bank servers in a way that the encoded messages in the ATM switch not attained the bank , rather reached those proxy servers.
The fraudsters inserted random or stolen cards to draw money.
After the card information have been then deducted from the ATM switch into the lender it must have declined such trades as”unauthorised transaction” however, the proxy servers enabled itprompting the ATM to secure cash.
At the next, the fraudsters tampered with all the ATM LAN (Local Area Network) from the ATM’s control panel .
The bank control servers had turned down or diminished the unauthorised trade.
However, these encrypted messages in the bank were manipulated by the outside device and shifted to enable the trade before it bounced straight back into the ATM switch.
“Such advanced ATM hacking hasn’t yet been documented in Kolkata before.
Such instances are documented in Delhi, Bangalore, Gurugram, Noida and even Jalandhar earlier, some as recently as this season,” an officer said.
The RBI at a 22-page advisory in February 2021 had especially asked all stakeholders to update their ATM safety to curtail such MiTM attacks.
“We’ve taken over the research and the lender fraud department are working together with bank officials to create leads,” stated concerted CP (offense ) Murlidhar Sharma.
The initial FIR has been drawn up in New Market PS on May 25.
Both of the other FIRs — at Jadavpur PS and another at Cossipore — have been drawn on May 28.
Kolkata ATMs under Complex hacking attack
