The UK Times Online (among others) is reporting about a sophisticated credit/debit card swiping fraud spree in Europe. Some card readers used at the largest retail chains in Europe (such as Tesco) are using card readers manufactured in China that contain bugs right on their motherboard. These read swiped cards, using a random pattern to avoid detection, and then transmit the data to Lahore, Pakistan once a day via the cell network.
Joel Brenner, an American government counter-intelligence officer, was quoted as saying:
Small but intelligent criminal organisations are pulling off transnational, multicontinental heists that only a foreign intelligence service would have been able to do a few years ago.
Apparently the only way of detecting the bug (short of ripping the reader apart to see the motherboard) is to weigh the reader. The bugged readers weigh a couple ounces more due to the added hardware.
The readers may or may not have been bugged at the point of manufacture or may have been infected in transit. The US is monitoring the case because of the potential link to Al-Qaeda in Pakistan.
I’m not sure if I should marvel at the ingenuity or quiver in fear because there’s nothing I can do to prevent from getting ripped off.
Multi-national, Integrated Theft
The UK Times Online (among others) is reporting about a sophisticated credit/debit card swiping fraud spree in Europe. Some card readers used at the largest retail chains in Europe (such as Tesco) are using card readers manufactured in China that contain bugs right on their motherboard. These read swiped cards, using a random pattern to avoid detection, and then transmit the data to Lahore, Pakistan once a day via the cell network.
Joel Brenner, an American government counter-intelligence officer, was quoted as saying:
Apparently the only way of detecting the bug (short of ripping the reader apart to see the motherboard) is to weigh the reader. The bugged readers weigh a couple ounces more due to the added hardware.
The readers may or may not have been bugged at the point of manufacture or may have been infected in transit. The US is monitoring the case because of the potential link to Al-Qaeda in Pakistan.
I’m not sure if I should marvel at the ingenuity or quiver in fear because there’s nothing I can do to prevent from getting ripped off.
via Security Now Podcast #166 about 15 1/2 minutes in.
Related Posts: