DefCon 24Fake ATM spotted by DefCon attendees
One of the curious features at the DefCon 24 even in Las Vegas is a fake ATM in the show’s venue. The fake ATM kiosk was placed in the lobby of the Riviera Hotel Casino sometime before the conference opened. As is appropriate at an event of sharp-eyed cybersecurity specialists and white hackers, the scam was uncovered when people noticed something wrong with the machine.
Fake ATM in casino discovered by DefCon attendees // Source: theconversation.com
One of the curious features at the DefCon 24 even in Las Vegas is a fake ATM in the show’s venue.
The fake ATM kiosk was placed in the lobby of the Riviera Hotel Casino sometime before the conference opened.
As is appropriate at an event of sharp-eyed cybersecurity specialists and white hackers, the scam was uncovered when people noticed something wrong with the machine.
“They looked at the screen where there would normally be a camera,” Priest, a senior conference organizer, told Computerworld. “It was a little bit too dark, so someone shined a flashlight in there and there was a PC” (Priest identified himself only by the moniker “Priest”).
The BBC reports that the fake machine was designed to log card data and the associated PIN numbers of cards used on the machine, so the hackers could later retrieve the information. This information could then be used to manufacture counterfeit cards which would be used to take money out of compromised accounts.
It is not clear how long the fake ATM was stationed in the lobby before it was discovered and removed last week. DefCon organizers notified local law enforcement officers, who took away the machine for tests.
The BBC notes that the scammers behind the fake ATM installed their machine next to the hotel security entrance, in one of the few areas of the casino away from surveillance cameras. But what they failed to take into account a the fact that the hotel would soon be hosting more than 8,000 security pros familiar with cybercrime.
PC Worldreports that ATM-related scams are commonplace in Vegas, with the Secret Service and local law enforcement investigating reports about ATM machines which debited accounts without dispensing cash. These other scams were discovered after conference presenter Chris Paget unsuccessfully tried to withdraw $200 from an ATM at the Rio All-Suite Hotel and Casino last weekend. The ATM “whirred and chugged,” Paget said, but failed to dispense cash. Subsequent checks online revealed that Paget’s account had been debited.
Other people reported the same problem, the cause of which is still unclear. Anything ranging from simple machine malfunction to malign tampering of one sort or another remain possibilities.
PC Worldnotes that the focus on suspected ATM fraud during DefCon this year follows a cancellation of a talk on ATM security at Black Hat, the other security conference taking place in Vegas last week. The talk was cancelled after one of the researchers involved in writing the paper wanted the presentation delayed until it the reported problem was addressed.
