175
Cybercrooks use Raspberry Pi to steal ATM cash (www.theregister.com)
submitted 19 hours ago by fne8w2ah@lemmy.world to c/technology@lemmy.world
17 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] ExcessShiv@lemmy.dbzer0.com 6 points 12 hours ago

I just work a pretty standard engineering job at a large company (basically regular office work, not a critical industry like power or pharma), and any MAC that isn't approved by IT is simply not a allowed to interface with anything whatsoever. It's insane that a bank has this loose IT security.

[-] Pika@sh.itjust.works 2 points 12 hours ago

, Agreed. Like, I'm not surprised that it was allowed to interface with the ATM because at that layer, I think the jump would have been from the switch to the ATM(although the ATM should habe not accepted the connection imo). So it would have never gone through any security. But it blows my mind that it was allowed to access a mail server as part of the routing, And even more so that it was allowed to go from that mail server to the outside world to establish a second route into the establishment. Like, how did it never hit any type of security or blocker anywhere in that process?

[-] ExcessShiv@lemmy.dbzer0.com 2 points 3 hours ago* (last edited 3 hours ago)

Even at that layer it should require site specific knowledge to gain access to the network, knowledge like specific IP ranges, netmask and VLAN, that they really shouldn't have. This bank managed to mess up literally every single step of the IT security chain, it's almost impressive.

this post was submitted on 03 Aug 2025
175 points (100.0% liked)

Technology

73567 readers
3183 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws