A man in Romania was arrested by the London Police because of his involvement in a campaign that installed malware on to a lot of UK ATM machines.
Through their efforts, this Romanian man has been extradited to the UK and brought to justice since he has been involved in a prolific ATM malware campaign.
According to sources, the 30 year old man was arrested in the western city of Bacău in Romania by local police last September 20.
An estimated amount of £1.5 million pounds was stolen from UK ATM machines last May 2014’s during the bank holiday weekend. They have a group that have been doing ATM malware campaigns and he is believed to be a part of it. A total of 51 ATM machines was literally broken into and the gang introduced the malware by installing directly to it. After they have done what they were supposed to do, which is stealing the money, the malware deleted itself which is probably a part of the programming to obscure and evade detection and make it a lot more difficult to indentify the culprits.
This new arrest is merely the latest in a string relating to that campaign.
In January, Teofil Bortos, 36, from Newham in London admitted to his role in the campaign and was sentenced to seven years in prison. Nearly a year before that Grigore Paladi was sentenced to five years in prison for his role in the gang. According to City of London police, the investigation into the campaign is still ongoing.
The head of the London Regional Fraud Team Detective inspector Matthew Mountford said in a statement that this extradition “demonstrates the persistence of the London Regional Fraud Team to track down and bring to justice those involved in this case.”
It has been a huge barrier for law enforcement to arrest cyber criminals due to jurisdiction issues. This is not the case in this situation because Romania’s overseas law enforcement have been extremely co-operative.
ATM scamming had been around for years. It started from skimming techniques to capture and steal details of any machine inserted on a rigged machine. It became more and more sophisticated and smaller as time went on , more conspicuous and capable of defeating security measures being implemented on the actual cards.
This process can only do so much so they resorted to using malware instead. Malware which has been injected remotely by hacking the bank security or by tapping into the ATM machine itself will definitely slowly creep its way into the bank system itself.
By doing the malware route instead of skimming, there are no telltale signs since there are no devices. Peripherals and physical tampering will not be necessary. Nobody will suspect anything since nothing will seem out of place when you use the ATM machine. Therefore it makes it free for the attackers to get the data from the cards being used at the ATM. There are endless possibilities on what they can do to the actual machine. They can steal money and probably cash in on your private data also.
This new arrest may or may not affect the ATM malware criminals. Other suspects have been arrested for their alleged involvement in this crime. How many are involved? No one can be sure about the actual numbers but the arrest and conviction of people involved in cyber crime sends good vibes to ordinary people like us. It sends a clear message that such things are not risk free. Hopefully they get what that they deserve … be going behind bars.
