[Dailydave] http://home.hamptonroads.com/stories/story.cfm?story=110889&ran=223062

Nathan Landon nathan.landon at digitaloperatives.com
Fri Sep 15 14:43:04 EST 2006 

They showed it on the news here in Virginia.   They have security camera
footage of the guy who they believe is the perpetrator trying to pull out
$250 and getting $1000.   He did this twice apparently.   He doesn't look
like the "engineer" type.   They reported that he was able to turn on the
glitch through a series of entered numbers.    Doubtful he knew what he was
doing otherwise he could have turned it off between attempts.

It took 9 days apparently to catch the error when a good samaritan noticed
that they got more than they asked for and reported it.

It smells to me that it was either an inside job or a disgruntled employee.


Nate

-- 
Nathan Landon
President Digital Operatives
www.digitaloperatives.com



On 9/15/06, Dave Korn <dave.korn at artimi.com> wrote:
>
> On 15 September 2006 12:43, Halvar Flake wrote:
>
> > Somebody tell me that the stuff in the subject is
> > a joke.
> >
> > Cheers,
> > Halvar
>
>
> Hmmf.  It comes across as dubious at first sight, but if the guy did get
> some kind of engineer's access to the ATM, he could perhaps mis-program it
> as
> to which kind of bills were loaded into which columns/containers in the
> cash
> bay.  (Correct me if I'm wrong, but aren't all dollar bills the same size?
> This approach could not work in the UK where different denominations are
> of
> different sizes and need to be loaded into differently-sized cassettes
> which
> then automatically cue the machine as to the nature of the notes loaded
> into
> them).
>
> It also sounds like a garbled reference to 2FA - the swipe card would be a
>
> special engineer's identifier, and the "series of numbers" that he entered
> would not have been "breaking the code", but merely misusing a legitimate
> authority.
>
> I guess we need to see a more technical report before we can reach
> conclusions, but that's my attempt to read between the lines: it's not a
> joke,
> it's just what happens when a non-technical reporter attempts to cover a
> hi-tech crime story.
>
>
>    cheers,
>      DaveK
> --
> Can't think of a witty .sigline today....
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.immunitysec.com/pipermail/dailydave/attachments/20060915/eb64dc61/attachment.htm

More information about the Dailydave mailing list