How these two women hacked into banks through an ATM and robbed millions

One of the features that has evolved the most in the world of cybercrime is the ability of hackers to compromise banking systems and spoil the security of ATMs to extract all the money, activity that currently can go unnoticed if it were not for the fact that the banking security teams have been forced to make great advances as well.

An example of this progress is the work of the Rajasthan Special Operations Group (SOG), which recently announced the arrest of two Ugandan and Gambian-born women accused of hacking Baroda’s bank servers using a Raspberry Pi device. Using this technique, the defendants managed to steal more than 3 million rupees, equivalent to almost $50,000 USD.

In collaboration with the cyber police, the SOG managed to arrest Laura Keith and Nan Tongo Alexander, who will be prosecuted by Indian authorities.

After arriving in Delhi from abroad, both women used the aforementioned device to compromise the computer systems at the ATMs in order to extract money, an operation they repeated in various locations in India.

Apparently, the affected servers were compromised with relative ease due to the presence of a severe vulnerability. The defendants tried to go unnoticed in their attacks, continually moving between different states in India and even wearing new clothes, dark glasses or hats.   

The defendants placed the Raspberry Pi device in the cashier to send arbitrary commands, managing to extract money from the local server without using a card, which also required an extensive investigation of the defendants and any possible accomplices. Both women were arrested during one of their robberies and are already waiting to know their sentence.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.