An ATM user in Malaysia couldn’t believe his luck when the machine spits out cash, believed to be about RM10,000, after he has made his transaction. The unexpected windfall has probably left the man in a moral quandary as the money didn’t belong to him.
A surveillance video footage of the incident has gone viral on Youtube and it made the news in several newspapers overseas. The 17-second long footage showed the man scooping up the money after looking around to check if anyone was watching him.
After putting the amount of money he withdrew in his wallet, the ATM malfunctioned and started to spit out the extra money. It is not known whether the man reported the incident to the bank and returned the money.
The CCTV footage can be seen here.
Since the incident was recorded on a surveillance camera and the footage was time-stamped, the bank could easily identify the account used to make the transaction. That is if a card was used to make the initial withdrawal.
Was it just a stroke of luck that led to the ATM user striking the jackpot or was there a crime committed?
Cybersecurity researchers had warned that a secret code could make any ATM start spitting out money without even needing to read a bank card.
According to a report, Kaspersky Lab said a software containing a complex trojan virus could be physically uploaded to ATM machines, allowing criminals to steal millions of dollars. Called Tyupkin, the malware enabled a person to steal money by using an infected machine. The thief needed to access a few hidden menus and input a secret passphrase.
Investigators found that Tyupkin was capable of executing a number of sophisticated operations. Installed using a bootable CD, the trojan’s first order of business is to disable the McAfee antivirus software, often ATMs’ only defence against such malicious code.
The report said it could also disable local network connections, preventing a bank, for instance, from discovering the security breach. It was said to be capable of entering a “standby mode,” activating itself only on certain nights, to help avoid detection.
It added that Tyupkin had been deployed primarily on Russian and Eastern European ATMs, but some machines in the US, Israel, China, France, India, and Malaysia had also fallen victim.
Source : The Heat Malaysia Online