A Chinese software manager has bagged a ten years jail term after exploiting a loophole in his bank’s operating system.
Malicious programmers are hackers are increasingly taking advantage of the aging operating systems used by banks in their ATMs. The alarming rate of successful heists and attacks has driven many banks into the arms of specialists like IBM to update security and increase resistance to fast-evolving malwares.
The latest scandal to be uncovered in the increasing string of ATM attacks is another Chinese incident. According to the South China Morning Post, experienced software manager and 43-year-old Qin Qisheng who worked in Huaxia Bank discovered a loophole in the company’s operating system and carefully executed his plan to exploit it for more than a year.
Qin is reported to have carted away more than 7 million yuan (approximately $1 million) over the space of a year, into a deliberate designated account. The Chinese manager discovered an unrecorded timeframe in the company’s core operating system in which to make withdrawals and consequently devised an attacking plan.
After writing a script to bug the system, he integrated it into the company’s core operating system and manipulated the system from raising suspicious alarms. Qin’s attacking plan worked, and quietly went on for over a year. He continued to make withdrawals quietly without arousing any form of suspicion until Huaixia finally discovered his malicious scheme.
Qin, prior to the judge’s ruling in his defense, attempted to explain away his fraudulent action by attributing them to ‘internal security tests,’ and claiming the stolen cash were only ‘resting’ in his account before they would be returned to the bank.
While his employers surprisingly afterward accepted his explanation and fixed the problem as Qin restored all the money, the court was not sympathetic. Although Huaxia pressed for charges to be dropped against him, the law enforcement thought otherwise and his jail term of ten years and a half was upheld despite an appeal.
Bitcoin ATM Attacks
Attacks on ATMs have unsurprisingly been more pronounced on Bitcoin ATMs, with many cybercriminals even buying malware scripts for $25,000 on the dark web to exploit glitches on aging operating systems. According to Trend Micro which published the Dark Web promotions, crypto cybercrimes would not be ending any time soon.
“As long as there is money to be made — and there is quite a bit of money in cryptocurrencies — cybercriminals will continue to devise tools and to expand to lucrative new “markets,”” Trend Micro said. “As the number of Bitcoin ATMs grows, we can expect to see more forms of malware targeting cryptocurrency ATMs in the future.”