Two Russian nationals wearing masks cashed out millions from the ATMs operated by Taiwan’s First Bank using malware on Sunday and left the country the following day. It is confirmed that the crooks behind the theft didn’t use bank cards as seen from security camera footage. Instead the cybercriminals appeared to gain control of the machines with a smartphone.
According to the police the crooks stole an estimated T$70m ($2.2m) just using a “connected device”. Authorities in Taiwan are trying to work out on how the crooks managed to hack into the ATMs using a smartphone. Targeted ATMs were made by German manufacturer Wincor Nixdorf, which admits some of its machines in Taiwan were hacked as part of a “premeditated attack”. Also three different (unspecified) strains of malware were found on the compromised machines.
Wincor Nixdorf claims that it has found no evidence that the malware used in the robbery was put on its ATMs via their network. At least four major state-run financial institutions, including First Bank, Chang Hwa Bank, Taiwan Cooperative Bank and Chunghwa Post Co., suspended cash withdrawals service on their ATMs as a precaution.