Skip to content
View in the app

A better way to browse. Learn more.

Thailand News and Discussion Forum | ASEANNOW

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

GSB hack - head of investigation visits ATMs in South as UK connection revealed

Featured Replies

GSB hack - head of investigation visits ATMs in South as UK connection revealed

 

p5.jpg

Image: Thairath

 

BANGKOK: -- The head of the investigation into the malware hack of the Government Savings Bank ATMs has visited Pangnga and Phuket as evidence continues to be gathered in the 12 million baht theft.

 

Panya Mamen went to the South to examine ATMs where the eastern European gang introduced malware before using electronic cards to withdraw cash, reported Thairath.

 

And in a new development it was revealed that the electronic cards used in the attack came from the UK. When the cards were entered into the machine the transaction was then cancelled. This triggered the machines to spew out 40,000 baht in cash each time.

 

Some 21 ATMs across five provinces and Bangkok were hit in the theft that led to the temporary shutdown of the GSB ATM network. 

 

The thefts occurred in July and earlier this month but police are looking into a connection with a previous 4.5 million baht ATM theft made in March that they think is linked to the same gang.

 

The gang, who are known to have fled the country, are also thought to have operated in Taiwan and Malaysia. Police have said that arrest warrants for Thais involved in the case may be issued this week.

 

CCTV in Phuket showed the face of one man clearly while two others were involved there. These are thought to be some of the ringleaders of the gang that additionally hit ATMs in Surat, Prajuab Khirikhan, Chumporn and Petchaburi.

 

Source: Thairath

 
tvn_logo.jpg
-- © Copyright Thai Visa News 2016-08-29

 

  • Author
Phuket car rental tips police to key suspect Russian in B12mn ATM heist

Eakkapop Thongtub

 

1472455836_1-org.jpg

Gen Panya said that the suspects inserted a card then pressed ‘Cancel’ to trigger the ATMs to dispense cash. Photo: Eakkapop Thongtub

 

PHUKET: -- A passport provided in order to rent a white Fortuner SUV from a tour company in Phuket’s Rawai area has provided police with a key suspect in the manhunt for the gang who robbed B12 million from hacked Government

 

The passport names Rustem Shambasov as renting a white Fortuner from P&D Tour in Saiyuan, Rawai, Phuket, from July 25-28, said Pol Gen Panya Mamen, a national level Advisor (Level 10) for the Royal Thai Police who is leading the investigation into the ATM heist.

 

Gen Panya, a former Commander of Region 8 Police, was in Phuket yesterday (Aug 28) to inspect two of the five ATMs on the island that were hacked and robbed by the gang.

 

The vehicle rented from Rawai has been identified as used in conducting a spate of withdrawals from the five GSB ATMs in Phuket, Gen Panya said.

 

“The gang stole about B1 million from ATMs in Phuket and we believe the car used was rented in Phuket,” he added.

 

Police believe two teams were involved, with one team installing the malware into the targeted ATMs and a second team to make the withdrawals.

 

“Our investigation leads us to believe there are two sets of suspects. One used the white Fortuner from July 27 onwards to withdraw money from ATMs by using a card issued in the UK. The suspects inserted the card and then pressed ‘Cancel’ to trigger the ATMs to dispense cash,” he said.

 

Full story: http://www.thephuketnews.com/phuket-car-rental-tips-police-to-key-suspect-russian-in-b12mn-atm-heist-58895.php

 
tphuketnews_logo.jpg
-- © Copyright Phuket News 2016-08-29
 

they made the visit but forgot to say everything was back to normal or hunky dory.

"The suspects inserted the card and then pressed ‘Cancel’ to trigger the ATMs to dispense cash,” 

 

How does that work?

This has to be a lengthy and complex investigation. (probably far beyond the competence of the Thai Police).

 

Why therefore is it necessary for senior investigators to burble unrelated facts to the press and leak out disjointed bits of the story in order to big themselves up. It is unprofessional, pointless (did you learn anything from this story) and harmful to any investigation.

 

At the end of the day, the Thai police will relay on forces in other countries to conduct any meaningful investigation and if any accomplices remain in Thailand, the foreign authorities will tell them who they are.

I personally think, that Pol Gen Panya Mamen has not the ability to cope with such a complicated case.  I remember an easier case from which he was forcibly removed, though he was absolutely on the right track to convict the culprits.  the reason of his removal still is a mystery to me. Remember?  http://englishnews.thaipbs.or.th/one-tourist-murder-suspect-now-arrested-another-run/

 

21 minutes ago, sambum said:

"The suspects inserted the card and then pressed ‘Cancel’ to trigger the ATMs to dispense cash,” 

 

How does that work?

I must try that next time I use an ATM! Thought I'd done that some while ago but it didn't give me 40,000 baht - not a single satang piece in fact! Does this mean my BKK Bank is failing its customers? I shall make a formal complaint!!

Jackpotman.jpg

40 minutes ago, sambum said:

"The suspects inserted the card and then pressed ‘Cancel’ to trigger the ATMs to dispense cash,” 

 

How does that work?

serious trade secret.

3 hours ago, sambum said:

"The suspects inserted the card and then pressed ‘Cancel’ to trigger the ATMs to dispense cash,” 

 

How does that work?

The Malware looks for something to happen, in this case the card and cancel, then it executes the software

5 hours ago, sambum said:

"The suspects inserted the card and then pressed ‘Cancel’ to trigger the ATMs to dispense cash,” 

 

How does that work?

It's called malware duh , installing programs into the ATM  that makes behave differently than the original proggramers intended duh.

5 hours ago, Briggsy said:

This has to be a lengthy and complex investigation. (probably far beyond the competence of the Thai Police).

 

Why therefore is it necessary for senior investigators to burble unrelated facts to the press and leak out disjointed bits of the story in order to big themselves up. It is unprofessional, pointless (did you learn anything from this story) and harmful to any investigation.

 

At the end of the day, the Thai police will relay on forces in other countries to conduct any meaningful investigation and if any accomplices remain in Thailand, the foreign authorities will tell them who they are.

Yes everyone knows this but one is not supposed to say it, two class of people thieves and working class..

7 minutes ago, ableguy said:

It's called malware duh , installing programs into the ATM  that makes behave differently than the original proggramers intended duh.

 

OK duh, thanks, duh, no need to be a smartass about it!

There are some detailed reports floating around about the options available to the hackers, and they seemed to suggest an n'th degree of sophistication as opposed to pressing 'cancel'.  

 

It seems the thieves chose to steal the bank's money, not the customers' this time. (I wonder if card users who used those compromised ATM's have been notified of the fact that their data has probably been stolen?)

 

Did they ask the ATM's to report in next week for questioning.

regards worgeordie

A good old English name Rustem Shambasov. Lucky they didnt use a fake passport in the name of Charles Windsor otherwise the RTP wouldnt have a clue where to start fabricating the investigation

Level 10 investigator, Clouseau and Poirot hang your heads your heads in shame. Never have you reached this Level.

I am still intrigued as to how this all worked.

I have this idea of....

'This password must be changed when machine is put into use and is currently set at 12345'

How are they going to exchange all that Baht currency into Pounds, Dollars, Euros………whatever?:blink:

Create an account or sign in to comment

Recently Browsing 0

  • No registered users viewing this page.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.