An individual known only by the online handle “Gripper” has popped up on several underground cybercrime forums advertising a new service. No, it’s not another botnet or malware package — it’s ATM and PoS card skimmers. However, this isn’t like the cheap readers that card thieves have been affixing to ATMs for years. Gripper claims his outfit can mass produce entire readers with a 3D printed casing and the necessary electronics to make everything look legit.
As proof, Gripper provided pictures of the facility in China where these devices are built. He includes a snapshot of a 3D printer making a piece of a VeriFone PoS terminal, completed parts for ATM machines, and several completed VeriFone readers allegedly built from scratch. The ads even mention several widely used systems by name, and buyers get free 24/7 support. You probably don’t even get that from your computer manufacturer.
Most card skimmers are designed to be integrated with, or added on top of, the real card reader of an ATM or PoS kiosk. When a customer swipes a card, the skimmer saves the card number and any PIN code that was entered. The thief can come back later and retrieve the data to use or sell on the black market. The advertised machines have the same basic functionality, but would be much harder to detect.
Some of the components Gripper offers include keypads for Wincor ATMs ($1,000), the cover/camera panel for NCR 5886 ATMs ($1,850), and various complete VeriFone terminals for undisclosed sums. Gripper says his group is willing to send devices anywhere in the world and will sell outright, or just work with shopkeepers to pay them a percentage. Several supposed buyers have posted on the forums to confirm that Gripper can deliver what he claims.
If this and other groups have managed to reach the point of mass producing passable card skimmers and PoS machines, you might have to be much more wary of where you’re swiping that card.
This entry passed through the Full-Text RSS service — if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.