Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Authorities Disrupt ATM Skimming Operation in France

An operation conducted on May 18 by the French Gendarmerie of Pau, in cooperation with the Investigative Unit of the Italian State Police of Imperia and Europol, resulted in multiple house searches in France and Italy, as well as in the final arrest of nine individuals in France, Europol said in a statement

An operation conducted on May 18 by the French Gendarmerie of Pau, in cooperation with the Investigative Unit of the Italian State Police of Imperia and Europol, resulted in multiple house searches in France and Italy, as well as in the final arrest of nine individuals in France, Europol said in a statement.

The group was composed mainly of French-Italian nationals who used sophisticated ATM skimming devices to compromise ATMs and fraudulently withdraw money in countries outside the European Union. According to the authorities, the criminal network’s actions resulted in estimated losses of more than half a million euros.

During the raids, authorities seized a broad range of devices the criminals were using in their nefarious operations, including micro camera bars, card readers, magnetic strip readers and writers, computers, phones and flash drives. During searchers, law enforcement also seized two hand guns, five vehicles, and thousands of plastic cards ready to be encoded.

Europol explains that the group was harvesting financial data from ATMs in different areas of France and used this card data to create fake payment cards. The data was stored on a cloud server that the members of this criminal organization controlled, while the fake cards were used to withdraw large amounts of cash from ATMs in Asia and the US.

The group’s modus operandi resembles a lot with that of another ATM skimming organization that Europol and the Italian Carabinieri took down last month. That group, focused on compromising ATMs across Europe to copy and store magnetic strip card data and confidential PIN codes, was comprised mainly of Romanian nationals, although their activities spawned across the continent.

During their April operation, authorities arrested 16 individuals in Italy and seized various devices used for ATM skimming. The same as in the newly disrupted operation, criminals were gathering card data and then used fake cards to make large withdrawals outside the EU, in countries such as Indonesia and Belize.

Earlier this month, thieves hit 1,400 convenience store ATMs in Japan during a coordinated hours-long heist. The international gang members, reportedly numbering around 100 people, each made a series of withdrawals in less than three hours, Japanese media said. Their haul totaled 1.4 billion yen ($13 million), according to the reports, with machines in Tokyo and Osaka among those targeted.

Global banks have been facing the ATM skimming issue for years, with criminals constantly looking for new ways to conduct such fraudulent operations, and even using hard to detectmini-skimmers

In the meantime, Banks are considering counter-measures such as the use of smartphone-based systems, which could replace the current card-based ones.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack