Aw, how convenient! Now, when you purchase your next ATM skimmer, you don't even have to risk being arrested when you wander out to retrieve it. For those outside of the know, an ATM skimmer sits on credit / debit card machines and swipes information as unsuspecting civilians pass their cards through. In the days of old, scammers would have to physically retrieve the skimmer in order to acquire all that precious information; now, models with built-in SMS notification are becoming available, meaning that numbers, expiration dates and that easy-to-forget three digit code on the back can be shot out instantly after the data is snatched. Word on the street has these devices going for $8,500 a pop, and they can dish out around 2,000 texts. Just another zany hack to be aware of in the wide world of ATM shenanigans.

[Via Hack-A-Day]

Man, that tiny Eee PC can be used for just about anything: surfing the web, blogging, surreptitiously hiding inside an ATM machine and stealing your identity. You know, the usual stuff. Yeah, so three creative Brazilian thieves were recently caught stuffing a black Eee into an ATM, where it replaced the ordinary magical-money-making workings and instead stole unwitting customers' card numbers and PINs. The thieves didn't stop there, however -- they purposefully damaged all the other nearby ATMs so that theirs would be the only one in service. Clever! Of course, that doesn't explain why it was so easy to crack open the target ATM in the first place -- we'd pretty much consider our cash flow problems solved if we could pull that trick. Check out the Brazilian TV report after the break -- any Portuguese speakers care to translate?

Every so often, a gizmo crosses our path that truly makes us question the thought process of its creator(s). This particular Friday, that gizmo is the Blinger. This so-called "portable ATM" apparently enables users to whip out an oversized, one-trick-pony of a device and instantly send cash for wares, check your current level of fundage, calculate currency conversions and wonder why on earth they haven't invented this thing called "online banking." Oh, wait.

[Via InventorSpot]

Alright, so it's not a real hole-in-the-wall, but just in case your eight year-old did need some training in how to operate one, here's the Hello Kitty ATM Bank. Its pink, it's got HK on it, and it looks vaguely like those machines you find in 7-Elevens: fortunately, it won't give your kids cash on credit. They've gotta put some pennies in first. It comes with a Hello Kitty cash card for withdrawals, which should help your child transition to the Hello Kitty Consolidated Bank account you've set up -- yes, they're real. No word on how much this monstrosity is, but you can probably guess which country they're available in.

[Via Crave]

Gaze-based password entry might sound like a chore -- and we can't say we find the fact of aligning our eyes with an on-screen ATM keyboard all that practical -- but if it means we can finally avoid that awkward moment at the cash machine where we block the keypad view from that shifty-looking sixth grader standing next to us, it just might be worth it. Stanford University has folks working on just such a solution to the dreaded "shoulder-surfing" at ATMs, and has come up with EyePassword. They're testing some systems that track your eyeballs in a variety of ways to perform PIN input, and while the resulting study shows that input times are slowed a little, the system does indeed make "eavesdropping by a malicious observer largely impractical." Of course, there's no telling when something like this will hit your neighborhood deli.

[Via New Scientist]

Considering all the companies that have already (or almost) jumped on the cashless bandwagon, it follows logic that another duo of Japanese firms are bringing their own biometric payment system to the forefront. Reportedly, Hitachi and JCB Co. Ltd. are working hand in hand (ahem) to develop a system that would "identify the veins on a person's finger" in order to sync with their credit card or bank data and complete a purchase. As expected, the companies are pushing their creation as a safer and more reliable method of paying for items, and while there's no telling how quickly customers are apt to implement said technology, Hitachi has reportedly stated that it would "launch an experiment in September involving 200 of its employees to see if it is commercially viable to introduce the system in shops, banks and other businesses."

With all the chicanery that's been going on with ATMs of late, it looks like the machines are finally getting back at the humans. In a move that's already confusing creatures of habit, envelope-free ATMs are starting to pop up in highly-trafficked areas, and as the name implies, they require that your deposits not be stuffed into an envelope beforehand. Diebold, NCR, and, Wincor Nixdorf (among others) are beginning to roll out these newfangled machines, which cost some 20-percent more than typical ATMs and sport specialized scanners that can detect how much cash you're actually inserting as you slide your check / bills into its theoretical mouth. The biggest boon here is the drop in processing costs to banks, while customers are likely to be pleased with instant receipts and nearly-instant access to the fundage. 'Course, we're just counting down the days until yet another ATM trickster figures out how to convert a Hershey's wrapper into a $20 bill.

[Image courtesy of ABC]

Granted, we'd be a tad more surprised about this if it wasn't found in Russia, but this one defies logic regardless. While we're unsure if tricksters have figured out a way to siphon unthinkable quantities of cash from this particular ATM, the owners should be ashamed of themselves for running a (presumably pirated) unactivated copy of Windows on the public banking machine. Of course, there's quite a few workarounds for this problem if you take the time to look, but seriously, who skimps on a product activation code when running a multi-million (billion?) dollar banking operating?

[Via TheRawFeed]

Joining the infamous Chip & PIN terminal hacks as yet another way to siphon banking details from unlucky Londoners, a group of "malware purveyors" reportedly dropped off tempting Trojan-infused USB drives in a UK parking lot in hopes that unsuspecting individuals would take the bait and subsequently hand over their banking credentials. Supposedly, Check Point regional director Nick Lowe mentioned the wile at the Infosec trade show, but couldn't elaborate due to the ongoing investigation. Another insight suggested that such chicanery was becoming "the new phishing email," but hey, where's the love for those oh-so-vulnerable ATMs? Take note, dear Brits, that the free storage you're eying on the park bench could end up costing you quite a bit in the long run.

Throughout time, man's best friend has proven to possess an extraordinary capacity to provide helpful services. An unfortunate few become chauffeurs for lazy individuals, however many others provide invaluable aid to the disabled and wheelchair-bound. Assistance dogs have been known to perform tasks such as doing laundry and grocery shopping, but now they can totally rock the ATM as well. It all started with Endal, a ten-year-old Labrador Retriever assistance dog who took the liberty to nab his frustrated wheelchair-bound owner's card, money and receipt with his mouth -- a first for contributive canines. A charity that trains assistance dogs, Canine Partners, was quite inspired and has added an ATM regimen that teaches the helpful hounds to insert and remove cards, retrieve cash and receipts, and hand them to the owner who is responsible for entering their PIN number. Nothing in life is free, and a lot of stuff in life requires cash, therefore we can definitely conclude that this novel advancement is paws-down progressive.

[Via Spluch]

Although we wouldn't expect to find the latest release of Photoshop on your neighborhood ATM, it's not so far fetched to think that Paint would be left on a Windows-based ATM. We've seen a recent boost in cash machine hacking of late, and while this latest attempt doesn't siphon illegal coinage out of the slot, it does make for quite a laugh. Joining the pitiful array of other Windows-powered mishaps, a sharp cameraphone-toting individual spotted a local ATM that had a beautifully hand-crafted Paint message on the front screen in place of the typical "Insert your card to begin transaction," and while we've already said too much about a picture that speaks a million words, be sure to click on through to see how accessing an ATM's start menu can lead to all sorts of mischievous mayhem.

[Via Digg]

Hacking into sensitive machines and playing brain games on them certainly isn't new -- and a pair of researchers at Cambridge have already done just that on a "tamper-proof chip-and-PIN payment terminal," -- but in a recent (and more serious) development, they've extended the exploit to demonstrate how they can "compromise the system by relaying information between a genuine card and a fake one." Saar Drimer and Steven Murdoch, members of the Cambridge University Computer Laboratory, have not only played Tetris on a banking machine, but have devised a scenario where a terminal is actually connected to a thief's laptop (instead of a bank, for instance), thus passing through crucial information without throwing a red flag to the now-screwed customer. Through a series of RFID, WiFi, and SMS connections, the duo even explains how something so simple could be used to steal thousands of dollars in diamonds and jewelry if working with a trained crew. Still, it's noted that this kind of stunt would be "difficult to execute in practice," and of course, whoever tries it runs the risk of being imprisoned for quite some time, but if you're interested in an eerily detailed description of just how beautiful you life can become if you actually pull this off, the read link demands your attention.

Considering all the ATM hacking that's been going on of late, it's not all that surprising to see those "uber-secure" fingerprint readers hitting mini-banks in Japan and Columbia, and now a pilot program is getting set to install 15 biometric ATMs at "village kiosks in five districts across southern India." The fingerprint-reading machines are expected to serve around 100,000 workers, primarily farmers and other laborers, who will finally be able to withdraw funds directly from a machine rather than suffering through the corrupt hand-me-down process that often steals money away from already poor workers. AGS Infotech, who is supplying the first batch of systems for the trial, is interested in seeing if the system actually works out, as many villagers have trouble interacting with any type of computing interface, and because many villages have their own dialects, making a UI that can communicate to everyone is difficult. Of course, there are individuals who suggest that these systems will only incite crime, as thieves look to new methods (read: hacking a thumb or two) to extract funds, but proponents of the system say that this is no different than armed criminals forcing someone to give up their PIN number at gunpoint. Nevertheless, the trial is slated to start soon, and there's quite a few outsiders watching intently to gauge its eventual success or failure, as analysts predict that "over 100,000 ATMs" could be necessary to handle India's booming economy in the next few years.

Everyone relies on their ATM cards pretty frequently -- after all, there's no better (or, often, more necessary) way to start your evening than with a $40 quickdraw from your favorite local money machine. Well, you may want to think twice (that is, if you're among the paranoid security-minded types) next time you whip out that thin piece of plastic. A group of researchers at Algorithmic Research (ARX), an Israeli security firm, published a paper two weeks ago describing a very serious flaw inherent in most ATMs. Apparently, between the time that you input your PIN and the time that the machine spits out your cash, a dataset containing your PIN and account number is encrypted and decrypted a few times while being routed along the banking network -- and somewhere along that point, it's conceivable that those numbers could be intercepted. MSNBC reports that while no attacks using this method have been detected, the US Secret Service is already on the case, and that while Visa and the American Bankers Association are acknowledging the problem, both are dismissing the hacking scenario as being unlikely. Still, we might consider busting out that money belt sometime soon, getting the USSS on the job means it could be big. [Warning: PDF link]

[Via MSNBC]

While sniffing out ATM info has been used by tricksters criminals for years, a Manchester-based bloke was trafficking private bank information from various cards to illegally purchase goods -- with the help of DAPs, no less. Although your evil twin could manage to reprogram an ATM to disperse 300 percent more cash than it really should, this fellow secretly attached an (unsurprisingly anonymous) "MP3 player" to the backs of free-standing cash machines in "local bars, bingo halls, and bowling alleys." The device recorded the tones from transactions, which were then decoded and "turned into information used to clone new credit cards." The fellow learned his savvy computing skills from "a friend in Cambridge," and was oddly not caught jacking cash or throwing down on a new HDTV; rather, police caught on to his scheming when they located a counterfeit bank card in his vehicle during a routine traffic stop, which led them back to his presumably disclosing home. While we applaud the ingenuity, the motives are certainly below traditional moral standards, but this certainly isn't the first (nor the last) criminal offense involving DAPs.