Home / News / Hackers stole 1.5 million euros from a German bank by cloning customer EMV cards

Hackers stole 1.5 million euros from a German bank by cloning customer EMV cards

ZDNet reported that the Brazilian hack group cloned EMV debit cards from more than 2,000 customers of the German bank Oldenburgische Landesbank (OLB) and stole 1.5 million euros from its accounts, having cashed user funds throughout Brazil.

The theft happened last week and only affected Mastercard debit card holders.

“The incident caught the eye of several cyber-security experts who noted the peculiarities of the thefts, which only involved Mastercard debit cards issued by OLB“, — reports ZDNet.

In a statement released late last week, bank representatives said they had already reimbursed the losses to all the victims, their number was approximately 2,000 people. In addition, the bank has already blocked all compromised Mastercard cards, and is currently in the process of issuing replacements.

According to OLB, the incident was the result of an organized attack by cybercrime group with using of fake cards and terminals.

Read also: Media: discovered by Google iPhone hackers also attacked Android and Windows users

Customers noticed that all compromised cards were equipped with an EMV chip, and chip-and-PIN technology in theory should protect against such attacks. However, unfortunately, such incidents do not occur for the first time and EMV cards are also compromised.

Telefonica expert Manuel Pintag confirmed to ZDNet reporters that Brazil and Mexico are the largest “EMV cloning laboratories.” Local hackers often advertise tools to help create fully functional clones of EMV cards.

“To clone a modern chip-and-PIN card, criminals need a copy of the magnetic stripe of the EMV card. To obtain this data, attackers often rely on sniffers installed in ATMs or PoS terminals. It is these devices that are considered the main sources of debit cards compromised in a recent OLB incident”- said Manuel Pintag.

Moreover, the PIN code is not always needed, since some cloned cards work with any random PIN code entered in the PoS or ATM.Mastercard said it is still investigating the incident.

“We can confirm that neither Mastercard’s network or the EMV technology were compromised. Nor has any account or card data been hacked either at Mastercard, OLB or at a third party. This issue derived from a scam involving organized cybercrime using counterfeit cards and terminals”, — a Mastercard spokesperson said.

Manuel Pintag said that the easiest way is to monitor for the location and time of financial transactions. Often, fraudulent transactions are mixed with legitimate ones, in two countries at the same time, which Pintag said is a good indicator that card fraud is happening.
[Total: 0    Average: 0/5]
Sending
User Review
5 (1 vote)
Comments Rating 0 (0 reviews)

About Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Check Also

Simjacker monitoring SIM cards

Attackers have been monitoring SIM card owners for more than two years with a Simjacker attack

Researchers at AdaptiveMobile Security have described a Simjacker attack that uses SMS messages to send …

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.