Return my money, ATM
It happens that the usual, seemingly thing, meets with such a twist, after which you begin to look at this thing in a completely different way. So it happened with me ... I took the money from the card in a hundred places for a couple of years and did not know the troubles ... but then I came to one town and I met this very highlight at the first ATM. Moreover, the place and circumstance were such that in a couple of moments food for thought and impressions had accumulated about two weeks ahead.
For some reason I thought that this could only be in the country of evergreen presidents, and we simply don’t have the staff to do it. It turns out I was deeply mistaken. It’s just that you don’t meet every day what you read only in magazines / Internet or seen in films [by the way, I don’t remember a single movie where a skimmer would appear :)].
What is a skimmer? If you make a request in Yandex, then from the first lines it will become clear that this is some kind of pump for cleaning pools. But judge for yourself - the pump and the ATM ... something is not right. Although, pump pump grandmother from the ATM - quite)
')
Without going into the history of the origin of the name, the skimmer is a small device that can help attackers to use your plastic card.
Those who are in the subject, now probably read and giggle at my interpretation, but this is the first interpretation that came to my mind.
A skimmer usually consists of two elements - a laid-on keyboard (pin-pad) and a magnetic tape scanner.
A pin-pad is placed on top of the ATM's native keyboard and allows attackers to know your pin-code (a miniature camera can also be used for this), while the scanner hangs on top of the card acceptance slot. Moreover, disguise does its dirty work.
You insert a card into an ATM (not suspecting that you insert it into an intruder’s card scanner, after which the card enters the ATM slot you need) - voila, your card data (dump) is either on the scanner’s storage device or wirelessly already transferred to someone. Then you enter a PIN code, which is either saved or sent immediately. Everything, in order to use your money, it remains only to make a duplicate card, which is done, apparently, quite easily - using a dump, a faceless piece of plastic is programmed and ready.
By the way, it is much worse if there is no cash-on-delivery keyboard on the ATM card acceptance device or just someone is firing as you enter the PIN code. Even worse, if you left the Audi Q7 (99, the third boomer, the Lancer - underline the right one), in a major sheepskin coat, with a headset, but without a helmet, you got out of your cleaned-up mirror shine. In this case, there is every chance stupidly get something heavy on the head and with the same success to give money from the card. But this case is not so interesting - gop-stop was everywhere and always.
Despite the fact that I always look at the ATM, before inserting a card, I inserted it that time. Were not alone, it was not to the ATM. I wanted to enter a pin-code, as I noticed that the keyboard is not flat, but convex, as it should not be. Having quickly compared with my finger the texture of the keyboard and the ATM, I mentally try to convince myself that everything is ok. After a second, I tell friends:
- Damn, skimmer hike.
Frozen. Poddevayu keyboard with a fingernail ... first came the nail, then the finger ... solid sex). When I realized that Klava was leaving, I decided that I broke the ATM and that there would be nothing under the buttons, and I would stupidly paste it back and withdraw the money.
Lifting the clave, we were stupefied - there was an exact copy of our clave, only perfectly evenly embedded in the surface of the ATM.
- Yo-mae, Burumych, skimmer! Skimmer, his mother! Oh Gods, this is the first time I see it, turn it around, let me take a picture!
- Yes, I also see it for the first time. Only my dump is already there, and someone else should be yours)
I glance at the card reader - without thinking anything, I try to pull out the card. Nothing comes out. I remember about the "Cancel" button, I press - the card climbs out. Huh
By pulling out a sticking card reader with his nails, he also moves away - from which there was only more horror. We are considering the device for a couple of seconds - some light bulbs, a battery, a neat solder are burning ... yes, it is clear that they are seriously engaged in this issue. After another moment, the thought that we no longer need to be here any longer visits us all)
Then everything is like in the movie) The cops promised to arrive within an hour, which in our case, of course, did not make us any weather. Skimmer peacefully returned to the rightful owners) And we, realizing that we walk under God, teleported.
In general, about such were the emotions when we first met. What food for thought did we get then?
First, it was the first practical exercise - they learned how it looks like, what it is, who it is and how it is protected. All the text further - guesses.
From unreliable sources, the price for a set of devices of this type (the hardware itself, software, etc.) costs about 3-5 thousand dollars (despite the fact that there is nothing supernatural there), which is at least a reason not to leave the device without supervision. Price depends on the design and configuration. Something can work autonomously for a long time, something to store dumps on your memory card, something - immediately sends information to the owners (exotic).
Quote from a site: “ Information about skimmers appeared in the news more than once, but the devices are improving every day. At this time, the skimmer no longer needs to approach the ATM to remove the information - it is sent via SMS. The device can send up to 1856 SMS on one charge. It is worth 8.5 thousand dollars. Moreover, the paint for external parts is purchased at the same factories as the manufacturers of ATMs, taking into account the temperature, angle, painting time. At first glance, it is almost impossible to distinguish.
The only thing is BUT ... If bank employees will promptly react and track the SIM card of an intruder, then it may be easier to catch him ... ”
Consequently, somewhere within the line of sight, there is definitely someone, even if you don’t see it. But they see you, for example, from a toned nine across the road;) Since the work of the observer, in fact, is the protection of the object, I am almost sure that he has the proportions as a decent guard;)
If you think that you fool everyone by tearing off the skimmer and running away - do not rush to rejoice. They can find it on a dump, they could have dropped a passport - anything can happen;) but then the happy ending may not happen. So think, is it worth it to get involved - can it be easier to withdraw money elsewhere?
Then you can think about the habitats of skimmers. It is clear that the ideal place is where there are more people, and not students with scholarships, but normal people like that. I think you can meet a skimmer at train stations, airports, casinos, cafes, cinemas, hardware stores and other humpbacks - in a word, in places where people need to withdraw more money.
After wandering a couple of hours for a scoop and a crust, having passed a couple of stations - I didn’t find anything interesting. From here, the conclusion again suggests itself that the devices are not always in place.
I suppose that at first the guys find out in what mode the fish place is served - on which days and at what time collectors come to load money, what time they pass, and so on. Because collectors probably are different every time, then an attacker should not hope for their humanity to a skimmer. Therefore, probably, skimmers are glued and removed several times a day.
But again, something follows from here. Even the longest ATM usually has cameras behind which someone should be watching from security services. And I don’t even speak about ATMs in bank branches. Thus, I do not believe that every time, when hanging a device on an ATM, no one notices this and does nothing. Yes, an attacker can cover a camera for a couple of seconds, having managed to do his job ... but this should happen several times a day!?! I think even constantly hanging the device and not necessary - just hang a couple of hours in one of the evenings of the festive day.
What is the conclusion from this? And such that everyone knows about it perfectly. And if the girl at the reception should just turn a blind eye to it, then the owners of banks probably live not only on depositors' interest =) otherwise there is no sense in breeding such a feeder under their noses. Thus, the attitude of the banking sector to the ordinary user, honest, at times, to a person is proved once again. It's a pity )
Somehow going to the bank, at the entrance I met a guard who was leaving to smoke. Without thinking twice, I decided to talk to him - this is how we got the dialogue:
- Hello, I wanted to ask a couple of questions on ATM security.
- Try it.
(head) - you know what a skimmer?
- Mm, heard what?
- Recently I met such a device for the first time - I found it only when I had already inserted a card, but did not enter the code. Can I, without knowing the pin-code, pay on my behalf, for example on the Internet or simple stores?
- This is, honestly, I do not know. But God protects the safe - come, go, change the code, it will take 10 minutes. And where did you meet the thing?
- There it is. But, to be honest, I was surprised - I thought that it was only in the states, and they only wrote about them in magazines.
- Heh ... in the states =) you live in Russia. While the Americans are coming up with something, they will already make an “anti” here. They have viruses, we already have antiviruses and vice versa. So in a country of desire to row money, doing nothing, such devices can not be.
- Even so! And we have a lot ... in Moscow?
- Yes, enough. Where do you live?
- there it is
- Well ... not far from me. Search - find;)
- Interesting. And why are no one fighting them?
- Yes, they do not fight ... they fight. Just once they are, it means someone needs it.
- True, there is no smoke without fire. And how does the management of the banks relate to this, they are aware?
(Cheering up) - Of course! )
- Wah. Ie, it turns out that they do not clean, if only because the authorities are also profitable?
(Smiling) - Well ... anything can happen. And why is this all for you?
- Why, I ran into it by chance, I wanted to know.
- Look, be careful. Do you have any law at the institute?
- No, but something like that was.
- And what, did not teach, what questions and who can be asked, and to whom which are not?
- Not taught, but I am to you exclusively for peaceful purposes;)
- Yes it is clear. Just sometimes, by asking a seemingly safe question, you can cause an inadequate reaction. The same with behavior. Did you know that you can't knock on an ATM?
- No, and what, in the answer beats? ;)
- Not. But it can already fall under the damage of property. So the other day one drunk came in, knocked - a van arrived, tied up and taken away. There's also a lot of sensors inside ... and go prove that you didn't want to hack it.
- Seriously, you have here. Okay, let's go back. Tell something about their device, how they fix it, how they service it?
- Well, what is there to tell. How they work, I don’t know for sure, but it’s not so difficult to find. This is the 80-year-old granny, whom the state has been waiting for all this time, no longer understand these jokes, and if you see that something is sticking out, do not stick it out and take it off, take it off in another place.
- And if you tear off and reel?
- Well, tear it off =) You understand, such things are not without supervision ... not immediately, then later they will find it somewhere. Pat on the shoulder, he did not notice.
- Interesting ... and that, absolutely no one cares about this?
- Well, why ... there are, sometimes, demonstration performances - specialists are passing by, all those who need their fingers are bent for a tick ... and then everything rises into place again.
- Did you have anything interesting here?
- No, it's more on ATMs without banks, although anything can happen.
“Ah, well, you have a bank here, yes ...”
- The maximum happened that the money snatched ... but this is again, whose mistake? Look, look ... come out with a wad of money ... why can't you hide it right away, do not remove it? Then you can recalculate ... or enter the PIN codes without closing ... and you can peek in a thousand ways. And then they complain ...
- Where is your automatic machine? ;)
(smiling) - Yes, I won, on the tank today. Far from running away, if that;) Okay, come on, not May, month, I will go. Mota on mustache.
- Good luck, thank you!
In general, such a dialogue has come out, but there is almost no specifics. Later, by chance, I managed to find a person on the network in a subject who couldn’t be re-found.) I didn’t take him much time, but still, some information, again confirming my guesses, appeared:
I : What are the types (storage method, transmission method, power)? What are the sizes? What are the prices and what they depend on? Where do they come from - do they make them serially?
He : Each device is individually individually - sharpened for a specific ATM, because The main required property is stealth. Nobody makes them serially, because it is still a criminal offense, but this does not mean that they are all done by hand. The price of the turnkey skimmer - from 5000 and above. These are mostly stand-alone devices with built-in memory - “set, waited, removed”, I did not have any options for transferring data, but it is obvious that it is much safer for owners.
// Here the interlocutor did not tell about the sizes of the devices, but I found a couple of interesting images on the Internet. Yes, yes, even such a “lighter” (more correctly, “Cube”) in the hand of a person next to you is able to stifle your condition.
Me : How are they fastened? It happens stupidly over the clave and the gap. But I heard that more often just put the camera. Maybe something else came up?
He : That's right - in simple models it is attached only to the card reader + a camera for removing the pincode. There are a lot of ways to mount the camera.
// Looking around the photo of the ATM, I figure out where I could hide the camera. If this is not an “extra” camera in a bank that looks like a real one, then there are not so many options. If a person is tall, then the camera can be glued to the top of the ATM, sticking out above the clave - you just can’t see them, but bending down a bit is easy. Or you can hang your “lamp” for lighting, in which you can hide the “grain” from the camera in transparent plastic (have you seen what size of camera in some video door phones? “.” - a little more than this point)
Or, just like on a photo from Ineta, in a box for advertisements, originally awarded only with an informational function.
Well, or your code may stupidly peep nearby people;) Therefore, mirrors on ATMs glue for a reason. Caring for customers banks on their ATM also put special "fences" on the keyboard, which help not to burn the code.
I : Where are most often - in closed or open ATMs? Maybe some ATMs or banks are particularly irresponsible to this, and some - treasure customers? Favorite habitat? Where is more - in Moscow or St. Petersburg?
He : Preferred open ATMs. The greater the permeability of the people - the better. As for banks - xs. Any phreaker will not tell you this or will deliberately “change” the right bank names to places;) Everybody, of course, is watching, but nobody will say that their ATM will be active. Where more - IMHO , in St. Petersburg. But in Moscow, of course, is also missing.
Again, I : A little more at prices - you can only buy in the internet or in supermarkets also sold? ;) What changes in this case? What should a person do if he removed the skimmer? )
He : A ready-made kit purchased at Mitino or elsewhere - in 99% will be inoperative or already used, and then it is difficult to find what you need. On the Internet, people are much more willing to make contact, but in the same way you can buy something wrong or at an inflated price. Price, again, under the order - from 5000. If you managed to remove the skimmer - the case for small - to merge the information from there and sell it to carders. Or drops. To merge the money equivalent itself is equivalent to a confession to the authorities.
// Hmm, something is again this figure in 5K usd;) On the forums, the offers are completely different - from 1K to 15.
I : Who is doing this at all - after all, not just the pioneers of radio engineering? How are they installed - under the camera of an ATM every day they put in the morning and take cash collectors before they arrive? Or even they are not a hindrance? )
He : Who is engaged? Smart and cautious phreakers (not to be confused with freaks - my comment). The most common method of installation is after the arrival and departure of the collection group, after 5-10 minutes the “group” returns. and leaves again. The scheme is acceptable for organized crime groups, which can allow to imitate the overalls of masters. A simpler option is to set for evening and night, i.e. few people, the collection will not arrive guaranteed until the morning (arrival time is calculated by simple observation), but safety is higher. Skimmers are also usually installed and removed by a “noisy group of students”, i.e. the crowd is surrounded by an ATM (“blocking the suckers”), a skimmer is being installed ... well, and options for fantasy ...
Me : I want some numbers) Their risk is at least justified - how profitable is fishing? Or if not in dollars, then at least in the number of dumps. How often do skimmers work? )
He : The price of freedom is different for everyone, someone risks, someone does not. But it is not always necessary to do everything yourself;) do not hurt with% and everything will be. The number of dumps = the number of cards inserted into the ATM. Catch - no one has ever said specific numbers. But not only the device pays off, but also enough for a new one. Maybe I heard the song “There are dinners in the restaurant, there are no neighbors in the house, and the BVM of the 7th series is better than a bicycle” :)
I : I heard;) And what do they do with dumps, what is their future path? Does a person need to change a pin code if he only inserted a card but did not enter a code? « » ? , ? 5 ?
: — . . — . - . «» , - . ? ? . . , ( ).
, , , . -, ;)
, , . , , , , , – , – , .
GSM-
, , ) - , . – , - . – — , , – , . , , - .
, ;) , , , :
1 . , . , - - – . , – , .
2 , ( ). : , . , – . , , – 02 – !
3 - – =) -- . - , , .
4 , . > > > > > .
5 : « , , . , 4- - 6-. - , ». , , , , . …. -! , , , . – – . :)
6 – — ;=)))
– , :
)
1 . :
– , , … --, , … … :)))
2 :
– , (, ), .. , , – . ( ), . … , )
— – , , – … – ) :
( , , , .. , - )
« », , , , . , - :) , ! )
Successes!
For some reason I thought that this could only be in the country of evergreen presidents, and we simply don’t have the staff to do it. It turns out I was deeply mistaken. It’s just that you don’t meet every day what you read only in magazines / Internet or seen in films [by the way, I don’t remember a single movie where a skimmer would appear :)].
What is a skimmer? If you make a request in Yandex, then from the first lines it will become clear that this is some kind of pump for cleaning pools. But judge for yourself - the pump and the ATM ... something is not right. Although, pump pump grandmother from the ATM - quite)
')
Without going into the history of the origin of the name, the skimmer is a small device that can help attackers to use your plastic card.
Those who are in the subject, now probably read and giggle at my interpretation, but this is the first interpretation that came to my mind.
A skimmer usually consists of two elements - a laid-on keyboard (pin-pad) and a magnetic tape scanner.
A pin-pad is placed on top of the ATM's native keyboard and allows attackers to know your pin-code (a miniature camera can also be used for this), while the scanner hangs on top of the card acceptance slot. Moreover, disguise does its dirty work.
You insert a card into an ATM (not suspecting that you insert it into an intruder’s card scanner, after which the card enters the ATM slot you need) - voila, your card data (dump) is either on the scanner’s storage device or wirelessly already transferred to someone. Then you enter a PIN code, which is either saved or sent immediately. Everything, in order to use your money, it remains only to make a duplicate card, which is done, apparently, quite easily - using a dump, a faceless piece of plastic is programmed and ready.
By the way, it is much worse if there is no cash-on-delivery keyboard on the ATM card acceptance device or just someone is firing as you enter the PIN code. Even worse, if you left the Audi Q7 (99, the third boomer, the Lancer - underline the right one), in a major sheepskin coat, with a headset, but without a helmet, you got out of your cleaned-up mirror shine. In this case, there is every chance stupidly get something heavy on the head and with the same success to give money from the card. But this case is not so interesting - gop-stop was everywhere and always.
Despite the fact that I always look at the ATM, before inserting a card, I inserted it that time. Were not alone, it was not to the ATM. I wanted to enter a pin-code, as I noticed that the keyboard is not flat, but convex, as it should not be. Having quickly compared with my finger the texture of the keyboard and the ATM, I mentally try to convince myself that everything is ok. After a second, I tell friends:
- Damn, skimmer hike.
Frozen. Poddevayu keyboard with a fingernail ... first came the nail, then the finger ... solid sex). When I realized that Klava was leaving, I decided that I broke the ATM and that there would be nothing under the buttons, and I would stupidly paste it back and withdraw the money.
Lifting the clave, we were stupefied - there was an exact copy of our clave, only perfectly evenly embedded in the surface of the ATM.
- Yo-mae, Burumych, skimmer! Skimmer, his mother! Oh Gods, this is the first time I see it, turn it around, let me take a picture!
- Yes, I also see it for the first time. Only my dump is already there, and someone else should be yours)
I glance at the card reader - without thinking anything, I try to pull out the card. Nothing comes out. I remember about the "Cancel" button, I press - the card climbs out. Huh
By pulling out a sticking card reader with his nails, he also moves away - from which there was only more horror. We are considering the device for a couple of seconds - some light bulbs, a battery, a neat solder are burning ... yes, it is clear that they are seriously engaged in this issue. After another moment, the thought that we no longer need to be here any longer visits us all)
Then everything is like in the movie) The cops promised to arrive within an hour, which in our case, of course, did not make us any weather. Skimmer peacefully returned to the rightful owners) And we, realizing that we walk under God, teleported.
In general, about such were the emotions when we first met. What food for thought did we get then?
First, it was the first practical exercise - they learned how it looks like, what it is, who it is and how it is protected. All the text further - guesses.
From unreliable sources, the price for a set of devices of this type (the hardware itself, software, etc.) costs about 3-5 thousand dollars (despite the fact that there is nothing supernatural there), which is at least a reason not to leave the device without supervision. Price depends on the design and configuration. Something can work autonomously for a long time, something to store dumps on your memory card, something - immediately sends information to the owners (exotic).
Quote from a site: “ Information about skimmers appeared in the news more than once, but the devices are improving every day. At this time, the skimmer no longer needs to approach the ATM to remove the information - it is sent via SMS. The device can send up to 1856 SMS on one charge. It is worth 8.5 thousand dollars. Moreover, the paint for external parts is purchased at the same factories as the manufacturers of ATMs, taking into account the temperature, angle, painting time. At first glance, it is almost impossible to distinguish.
The only thing is BUT ... If bank employees will promptly react and track the SIM card of an intruder, then it may be easier to catch him ... ”
Consequently, somewhere within the line of sight, there is definitely someone, even if you don’t see it. But they see you, for example, from a toned nine across the road;) Since the work of the observer, in fact, is the protection of the object, I am almost sure that he has the proportions as a decent guard;)
If you think that you fool everyone by tearing off the skimmer and running away - do not rush to rejoice. They can find it on a dump, they could have dropped a passport - anything can happen;) but then the happy ending may not happen. So think, is it worth it to get involved - can it be easier to withdraw money elsewhere?
Then you can think about the habitats of skimmers. It is clear that the ideal place is where there are more people, and not students with scholarships, but normal people like that. I think you can meet a skimmer at train stations, airports, casinos, cafes, cinemas, hardware stores and other humpbacks - in a word, in places where people need to withdraw more money.
After wandering a couple of hours for a scoop and a crust, having passed a couple of stations - I didn’t find anything interesting. From here, the conclusion again suggests itself that the devices are not always in place.
I suppose that at first the guys find out in what mode the fish place is served - on which days and at what time collectors come to load money, what time they pass, and so on. Because collectors probably are different every time, then an attacker should not hope for their humanity to a skimmer. Therefore, probably, skimmers are glued and removed several times a day.
But again, something follows from here. Even the longest ATM usually has cameras behind which someone should be watching from security services. And I don’t even speak about ATMs in bank branches. Thus, I do not believe that every time, when hanging a device on an ATM, no one notices this and does nothing. Yes, an attacker can cover a camera for a couple of seconds, having managed to do his job ... but this should happen several times a day!?! I think even constantly hanging the device and not necessary - just hang a couple of hours in one of the evenings of the festive day.
What is the conclusion from this? And such that everyone knows about it perfectly. And if the girl at the reception should just turn a blind eye to it, then the owners of banks probably live not only on depositors' interest =) otherwise there is no sense in breeding such a feeder under their noses. Thus, the attitude of the banking sector to the ordinary user, honest, at times, to a person is proved once again. It's a pity )
Somehow going to the bank, at the entrance I met a guard who was leaving to smoke. Without thinking twice, I decided to talk to him - this is how we got the dialogue:
- Hello, I wanted to ask a couple of questions on ATM security.
- Try it.
(head) - you know what a skimmer?
- Mm, heard what?
- Recently I met such a device for the first time - I found it only when I had already inserted a card, but did not enter the code. Can I, without knowing the pin-code, pay on my behalf, for example on the Internet or simple stores?
- This is, honestly, I do not know. But God protects the safe - come, go, change the code, it will take 10 minutes. And where did you meet the thing?
- There it is. But, to be honest, I was surprised - I thought that it was only in the states, and they only wrote about them in magazines.
- Heh ... in the states =) you live in Russia. While the Americans are coming up with something, they will already make an “anti” here. They have viruses, we already have antiviruses and vice versa. So in a country of desire to row money, doing nothing, such devices can not be.
- Even so! And we have a lot ... in Moscow?
- Yes, enough. Where do you live?
- there it is
- Well ... not far from me. Search - find;)
- Interesting. And why are no one fighting them?
- Yes, they do not fight ... they fight. Just once they are, it means someone needs it.
- True, there is no smoke without fire. And how does the management of the banks relate to this, they are aware?
(Cheering up) - Of course! )
- Wah. Ie, it turns out that they do not clean, if only because the authorities are also profitable?
(Smiling) - Well ... anything can happen. And why is this all for you?
- Why, I ran into it by chance, I wanted to know.
- Look, be careful. Do you have any law at the institute?
- No, but something like that was.
- And what, did not teach, what questions and who can be asked, and to whom which are not?
- Not taught, but I am to you exclusively for peaceful purposes;)
- Yes it is clear. Just sometimes, by asking a seemingly safe question, you can cause an inadequate reaction. The same with behavior. Did you know that you can't knock on an ATM?
- No, and what, in the answer beats? ;)
- Not. But it can already fall under the damage of property. So the other day one drunk came in, knocked - a van arrived, tied up and taken away. There's also a lot of sensors inside ... and go prove that you didn't want to hack it.
- Seriously, you have here. Okay, let's go back. Tell something about their device, how they fix it, how they service it?
- Well, what is there to tell. How they work, I don’t know for sure, but it’s not so difficult to find. This is the 80-year-old granny, whom the state has been waiting for all this time, no longer understand these jokes, and if you see that something is sticking out, do not stick it out and take it off, take it off in another place.
- And if you tear off and reel?
- Well, tear it off =) You understand, such things are not without supervision ... not immediately, then later they will find it somewhere. Pat on the shoulder, he did not notice.
- Interesting ... and that, absolutely no one cares about this?
- Well, why ... there are, sometimes, demonstration performances - specialists are passing by, all those who need their fingers are bent for a tick ... and then everything rises into place again.
- Did you have anything interesting here?
- No, it's more on ATMs without banks, although anything can happen.
“Ah, well, you have a bank here, yes ...”
- The maximum happened that the money snatched ... but this is again, whose mistake? Look, look ... come out with a wad of money ... why can't you hide it right away, do not remove it? Then you can recalculate ... or enter the PIN codes without closing ... and you can peek in a thousand ways. And then they complain ...
- Where is your automatic machine? ;)
(smiling) - Yes, I won, on the tank today. Far from running away, if that;) Okay, come on, not May, month, I will go. Mota on mustache.
- Good luck, thank you!
In general, such a dialogue has come out, but there is almost no specifics. Later, by chance, I managed to find a person on the network in a subject who couldn’t be re-found.) I didn’t take him much time, but still, some information, again confirming my guesses, appeared:
I : What are the types (storage method, transmission method, power)? What are the sizes? What are the prices and what they depend on? Where do they come from - do they make them serially?
He : Each device is individually individually - sharpened for a specific ATM, because The main required property is stealth. Nobody makes them serially, because it is still a criminal offense, but this does not mean that they are all done by hand. The price of the turnkey skimmer - from 5000 and above. These are mostly stand-alone devices with built-in memory - “set, waited, removed”, I did not have any options for transferring data, but it is obvious that it is much safer for owners.
// Here the interlocutor did not tell about the sizes of the devices, but I found a couple of interesting images on the Internet. Yes, yes, even such a “lighter” (more correctly, “Cube”) in the hand of a person next to you is able to stifle your condition.
Me : How are they fastened? It happens stupidly over the clave and the gap. But I heard that more often just put the camera. Maybe something else came up?
He : That's right - in simple models it is attached only to the card reader + a camera for removing the pincode. There are a lot of ways to mount the camera.
// Looking around the photo of the ATM, I figure out where I could hide the camera. If this is not an “extra” camera in a bank that looks like a real one, then there are not so many options. If a person is tall, then the camera can be glued to the top of the ATM, sticking out above the clave - you just can’t see them, but bending down a bit is easy. Or you can hang your “lamp” for lighting, in which you can hide the “grain” from the camera in transparent plastic (have you seen what size of camera in some video door phones? “.” - a little more than this point)
Or, just like on a photo from Ineta, in a box for advertisements, originally awarded only with an informational function.
Well, or your code may stupidly peep nearby people;) Therefore, mirrors on ATMs glue for a reason. Caring for customers banks on their ATM also put special "fences" on the keyboard, which help not to burn the code.
I : Where are most often - in closed or open ATMs? Maybe some ATMs or banks are particularly irresponsible to this, and some - treasure customers? Favorite habitat? Where is more - in Moscow or St. Petersburg?
He : Preferred open ATMs. The greater the permeability of the people - the better. As for banks - xs. Any phreaker will not tell you this or will deliberately “change” the right bank names to places;) Everybody, of course, is watching, but nobody will say that their ATM will be active. Where more - IMHO , in St. Petersburg. But in Moscow, of course, is also missing.
Again, I : A little more at prices - you can only buy in the internet or in supermarkets also sold? ;) What changes in this case? What should a person do if he removed the skimmer? )
He : A ready-made kit purchased at Mitino or elsewhere - in 99% will be inoperative or already used, and then it is difficult to find what you need. On the Internet, people are much more willing to make contact, but in the same way you can buy something wrong or at an inflated price. Price, again, under the order - from 5000. If you managed to remove the skimmer - the case for small - to merge the information from there and sell it to carders. Or drops. To merge the money equivalent itself is equivalent to a confession to the authorities.
// Hmm, something is again this figure in 5K usd;) On the forums, the offers are completely different - from 1K to 15.
I : Who is doing this at all - after all, not just the pioneers of radio engineering? How are they installed - under the camera of an ATM every day they put in the morning and take cash collectors before they arrive? Or even they are not a hindrance? )
He : Who is engaged? Smart and cautious phreakers (not to be confused with freaks - my comment). The most common method of installation is after the arrival and departure of the collection group, after 5-10 minutes the “group” returns. and leaves again. The scheme is acceptable for organized crime groups, which can allow to imitate the overalls of masters. A simpler option is to set for evening and night, i.e. few people, the collection will not arrive guaranteed until the morning (arrival time is calculated by simple observation), but safety is higher. Skimmers are also usually installed and removed by a “noisy group of students”, i.e. the crowd is surrounded by an ATM (“blocking the suckers”), a skimmer is being installed ... well, and options for fantasy ...
Me : I want some numbers) Their risk is at least justified - how profitable is fishing? Or if not in dollars, then at least in the number of dumps. How often do skimmers work? )
He : The price of freedom is different for everyone, someone risks, someone does not. But it is not always necessary to do everything yourself;) do not hurt with% and everything will be. The number of dumps = the number of cards inserted into the ATM. Catch - no one has ever said specific numbers. But not only the device pays off, but also enough for a new one. Maybe I heard the song “There are dinners in the restaurant, there are no neighbors in the house, and the BVM of the 7th series is better than a bicycle” :)
I : I heard;) And what do they do with dumps, what is their future path? Does a person need to change a pin code if he only inserted a card but did not enter a code? « » ? , ? 5 ?
: — . . — . - . «» , - . ? ? . . , ( ).
, , , . -, ;)
, , . , , , , , – , – , .
GSM-
, , ) - , . – , - . – — , , – , . , , - .
, ;) , , , :
1 . , . , - - – . , – , .
2 , ( ). : , . , – . , , – 02 – !
3 - – =) -- . - , , .
4 , . > > > > > .
5 : « , , . , 4- - 6-. - , ». , , , , . …. -! , , , . – – . :)
6 – — ;=)))
– , :
)
1 . :
– , , … --, , … … :)))
2 :
– , (, ), .. , , – . ( ), . … , )
— – , , – … – ) :
( , , , .. , - )
« », , , , . , - :) , ! )
Successes!
Source: https://habr.com/ru/post/67141/
All Articles