A Closer Look at Recent ATM Heist in Taiwan

Ministry of Justice Investigation Bureau (MJIB) 法務部調查局 is the criminal-investigation and counter-intelligence agency reporting under the Ministry of Justice in Taiwan.  MJIB has recently announced the findings of ATM heist in Taiwan.

Since it is reported by MJIB that the malware items do not have external communication capability and the cyber criminals did not appear to use ATM card, it is plausible that the cyber criminals exploited the weakness of physical / logical access controls and then bypassed device management’s protection mechanism.

Once the payloads were delivered, the cyber criminals can interact through keypad to wake up the malware for jackpotting ATM as in 2014 ATM incidents.

Take one step back, some questions remain.  We may ask how the cyber criminals possibly bypassed physical / logical access controls without triggering alerts in the first place.