Traveling in Mexico? Watch out for ATM skimming. Eastern Europeans have a thriving practice here.

  • Team Omega
  • September 14, 2015

Holiday travels have subsided across the country due to start of school and end of summer approaching. However, seasons or travels don’t matter to hackers always on the prowl.

A recent story by Krebs on security reports ATM skimming in Mexico over the last few months was flourishing with Eastern European groups looking to bribe ATM technicians in return for ‘direct, physical access to the inside of a single ATM that the technician served’. The bribe was a one-shot 100 times over monthly salary.  Money is most often the best bait. Not surprisingly, one technician succumbed.

“Experts examined the skimming technology first-hand. The company tested the hardware by installing it into ATMs that were not in service. When they turned the devices on, they discovered each component was beaconing out the same Bluetooth signal: Free2Move.”  The Bluetooth were supplied by the group of Eastern Europeans and could be ‘discretely wired directly onto the electronic ATM circuit boards which independently serve the machine’s debit card reader and PIN pad’.

The story goes, each of the bluetooth circuit boards are tiny — wafer thin and about 1 cm wide by 2 cm long. Each also comes with its own data storage device. Stolen card data can be retrieved from the bluetooth components wirelessly: The thief merely needs to be within a few meters of the compromised ATM to pull stolen card data and PINs off the devices, providing he has the secret key needed to access that bluetooth wireless connection. What makes this type of skimming dangerous is that ‘the devices could sit for months or even years inside of compromised ATMs before being detected (depending in part on how quickly and smartly the thieves used or sold the stolen card numbers and PINs).’

When using an ATM machine to withdraw cash, one simple precaution we would want to use is cover the pin typed on the keyboard with one hand. It may not do much but will at least prevent the skimming device from capturing the code.

Follow this link – The Omega Appliance just introduced to the market for networking monitoring, log collection and internal vulnerability scanning. Call 636-557-7777 x2405 or email