webfact Posted August 23, 2016 Share Posted August 23, 2016 Hackers steal 12.29 million baht from GSB’s ATMs BANGKOK: -- The thefts have forced the GSB to suspend indefinitely the services of about 4,000 NCR-branded ATMs which were manufactured by a Scottish company. GSB director Mr Chartchai Payuhanaveechai said Tuesday that the bank had suspended the services of the Scottish-made ATMs on August 8 after officials found out that 21 of the ATMs had been hacked with the use of Malware programme. The hackers withdrew 40,000 baht each time from six NCR ATMs in Phuket, two each in Surat Thani, Chumporn, Prachuab Khiri Khan and Petchaburi and five in Bangkok in Sukhumvit and Vibhavadi Rangsit areas. Mr Chartchai said the bank had notified the Bank of Thailand about the electronic thefts so that commercial banks which have in their services similar brand of ATMs be warned and taken appropriate preventive measures. There are about 10,000 NCR ATMs in service in Thailand, including about 4,000 of the GSB. He said that the stolen money belong to the bank, not the customers, so GSB would demand compensation from the manufacturer of the machines. Source: http://englishnews.thaipbs.or.th/hackers-steal-12-29-million-baht-gsbs-atms/ -- © Copyright Thai PBS 2016-08-23 Link to comment Share on other sites More sharing options...
NCC1701A Posted August 23, 2016 Share Posted August 23, 2016 " that 21 of the ATMs had been hacked with the use of Malware programme. " which magically appeared on your ATM's ultra secure computers. "He said that the stolen money belong to the bank, not the customers, so GSB would demand compensation from the manufacturer of the machines. " thanks for the heads up on your banks policy. Link to comment Share on other sites More sharing options...
Hawk Posted August 23, 2016 Share Posted August 23, 2016 Shows yet again how unsafe Thai banks really are. Link to comment Share on other sites More sharing options...
gdgbb Posted August 23, 2016 Share Posted August 23, 2016 51 minutes ago, Hawk said: Shows yet again how unsafe Thai banks really are. No, it doesn't, it shows how insecure NCR cash dispensers are. Link to comment Share on other sites More sharing options...
gdgbb Posted August 23, 2016 Share Posted August 23, 2016 58 minutes ago, NCC1701A said: " that 21 of the ATMs had been hacked with the use of Malware programme. " which magically appeared on your ATM's ultra secure computers. "He said that the stolen money belong to the bank, not the customers, so GSB would demand compensation from the manufacturer of the machines. " thanks for the heads up on your banks policy. Is there something wrong with a bank's policy to get it's stolen money back? The statement doesn't say the policy would be any different if it was customer's accounts that were involved. Link to comment Share on other sites More sharing options...
tifino Posted August 23, 2016 Share Posted August 23, 2016 well... there goes the balance of the GDP in one foul swoop of the golden egg basket Link to comment Share on other sites More sharing options...
Jdietz Posted August 23, 2016 Share Posted August 23, 2016 Should have covered up the USB port, and disabled the WiFi hotspot... Link to comment Share on other sites More sharing options...
Hawk Posted August 23, 2016 Share Posted August 23, 2016 (edited) 14 minutes ago, gdgbb said: No, it doesn't, it shows how insecure NCR cash dispensers are. Yes it does show how unsafe Thai banks really are, as it casts yet another light on all the Thai banking flaws. Edited August 23, 2016 by Hawk Link to comment Share on other sites More sharing options...
Hawk Posted August 23, 2016 Share Posted August 23, 2016 " so GSB would demand compensation from the manufacturer of the machines." The weakness is obviously in the software not in the machine itself. So who designed the Thai software? Link to comment Share on other sites More sharing options...
seahorse Posted August 23, 2016 Share Posted August 23, 2016 8 minutes ago, Hawk said: " so GSB would demand compensation from the manufacturer of the machines." The weakness is obviously in the software not in the machine itself. So who designed the Thai software? Advice from NCR to ATM operators They seem to provide a good service to ATM operators from what I can see on their website. I think the fault lies with the bank. Link to comment Share on other sites More sharing options...
Don Mega Posted August 23, 2016 Share Posted August 23, 2016 21 x 40,000 = 12.29 million am I missing something ? Link to comment Share on other sites More sharing options...
rkidlad Posted August 23, 2016 Share Posted August 23, 2016 This does seem a software issue. Link to comment Share on other sites More sharing options...
gdgbb Posted August 23, 2016 Share Posted August 23, 2016 1 hour ago, Hawk said: Yes it does show how unsafe Thai banks really are, as it casts yet another light on all the Thai banking flaws. No, it doesn't. It was a flaw in a British made cash dispenser's security system. The GSB is not an unsafe bank, wasn't before this hack and still isn't. Link to comment Share on other sites More sharing options...
gdgbb Posted August 23, 2016 Share Posted August 23, 2016 59 minutes ago, Hawk said: " so GSB would demand compensation from the manufacturer of the machines." The weakness is obviously in the software not in the machine itself. So who designed the Thai software? Very often foreign companies are contracted by Thai banks to set up their security systems. Link to comment Share on other sites More sharing options...
gdgbb Posted August 23, 2016 Share Posted August 23, 2016 47 minutes ago, Don Mega said: 21 x 40,000 = 12.29 million am I missing something ? They withdrew 40k from 21 ATMs each time, not just one time. Link to comment Share on other sites More sharing options...
Chicog Posted August 23, 2016 Share Posted August 23, 2016 Malware of this type almost certainly needs one of two things: - Physical access to the ATM itself - Assistance from a bank employee I''d say it's most likely the bank's fault. Link to comment Share on other sites More sharing options...
laban Posted August 23, 2016 Share Posted August 23, 2016 Any leads on the thieves, like cctv footage at the ATM's?Sent from my iPhone using Thaivisa Connect Link to comment Share on other sites More sharing options...
Thian Posted August 23, 2016 Share Posted August 23, 2016 Well why not show us the pictures of the one who withdrew the cash? Link to comment Share on other sites More sharing options...
worgeordie Posted August 23, 2016 Share Posted August 23, 2016 The Bank still using Windows XP ? regards Worgeordie Link to comment Share on other sites More sharing options...
halloween Posted August 23, 2016 Share Posted August 23, 2016 8 minutes ago, worgeordie said: The Bank still using Windows XP ? regards Worgeordie Yeah, auto update doesn't work on pirated software. Link to comment Share on other sites More sharing options...
Don Mega Posted August 23, 2016 Share Posted August 23, 2016 1 minute ago, halloween said: Yeah, auto update doesn't work on pirated software. auto update works just fine on my dodgy copy of win7 Link to comment Share on other sites More sharing options...
gandalf12 Posted August 23, 2016 Share Posted August 23, 2016 1 hour ago, gdgbb said: No, it doesn't. It was a flaw in a British made cash dispenser's security system. The GSB is not an unsafe bank, wasn't before this hack and still isn't. Surely the software would not have been provided by the manufacturer. I would be more likely to consider the software is or local origin as it has to support the Thai language. Link to comment Share on other sites More sharing options...
snoop1130 Posted August 23, 2016 Share Posted August 23, 2016 Cops investigating mass digital theft of state bank ATMs By Sasiwan Mokkhasen, Staff Reporter ATMs in front of the Government Savings Bank headquarters in Bangkok are out of service as seen on Tuesday. BANGKOK — Police say they are seeking the perpetrators who stole more than 12 million baht from teller machines owned by the Government Savings Bank by infecting them with computer virus. The attack reportedly took place early this month and forced the state-owned bank to suspend 3,343 of its cash dispensers since Aug. 8, but the bank only told the public about the incident on Tuesday. Police also described the digital heist as the first one of its kind in Thai history. Full Story: http://www.khaosodenglish.com/news/business/2016/08/23/cops-investigating-mass-digital-theft-state-bank-atms/ -- © Copyright Khaosod English 2016-08-23 Link to comment Share on other sites More sharing options...
Hawk Posted August 23, 2016 Share Posted August 23, 2016 1 hour ago, gdgbb said: No, it doesn't. It was a flaw in a British made cash dispenser's security system. The GSB is not an unsafe bank, wasn't before this hack and still isn't. It was a flaw in the Thai designed software program and nothing to do with the Scottish hardware. Link to comment Share on other sites More sharing options...
halloween Posted August 23, 2016 Share Posted August 23, 2016 3 minutes ago, gandalf12 said: Surely the software would not have been provided by the manufacturer. I would be more likely to consider the software is or local origin as it has to support the Thai language. Don't see that to be the case. The ATM has only a very limited set of preprogrammed responses depending on which buttons are pushed. The content of the screen display could be in any language as they are simply images. There are no inputs in Thai language. Link to comment Share on other sites More sharing options...
Chicog Posted August 23, 2016 Share Posted August 23, 2016 1 hour ago, gdgbb said: No, it doesn't. It was a flaw in a British made cash dispenser's security system. The GSB is not an unsafe bank, wasn't before this hack and still isn't. If someone gained access to the service ports of the ATM, it's the bank's fault for not securing it properly. If someone was paid to install the malware, it's the banks fault for not screening its employees properly and auditing their work. Any way you slice it, I reckon it's their cockup. Furthermore, if the ATMs were running Win XP embedded and they were not paying for it to be patched, they need a kick up the ar$e. Link to comment Share on other sites More sharing options...
Hawk Posted August 23, 2016 Share Posted August 23, 2016 1 hour ago, gdgbb said: Very often foreign companies are contracted by Thai banks to set up their security systems. This was a software issue not a security systems issue, the hackers simply gave the software program a new command to follow and it did. Link to comment Share on other sites More sharing options...
hawkeye76 Posted August 23, 2016 Share Posted August 23, 2016 So easy to steal money from atm`s this way. I have been thinking about why not happen before. When you go any place and see atm machine you always see the box with all the cables, and if you place malware infected usb into the box, tecnically your already in the machine system, and can control whatever you want. If someone is not a complete idiot, he can do it in 5 minute, and empty the machine without any problem. Same thing has ben going in china also. Link to comment Share on other sites More sharing options...
Happy Grumpy Posted August 23, 2016 Share Posted August 23, 2016 Always somebody else's fault..... If there's a non-Thai entity somewhere along the supply chain, you better be sure it's going to be their fault. Thainess is just so predictable. Link to comment Share on other sites More sharing options...
tukkytuktuk Posted August 23, 2016 Share Posted August 23, 2016 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now