Hole in the wall gang busted
IN THE FIRST US prosecution of cash machine reprogrammers, felony charges await two entry-level ATM thieves who were captured after a confrontation at gunpoint and a wild scuffle followed by a high speed car chase in Lincoln, Nebraska.
Jordan Eske and Nicolas Foster, both 21-year-olds from New Orleans, Louisiana, are lodged in the Lancaster County Jail pending arraignments October 1st. Both are to be charged with four counts of theft by deception and one count of computer fraud for allegedly using default passcodes to reprogram cash machines and steal money.
The pair allegedly accomplished their thefts by programming the ATMs to register that they had smaller denomination bills in their dispensing racks than were actually present. They will be charged for having hit four local retail stores and telling privately owned, in-store ATM machines that they were loaded with one-dollar bills instead of 10 and 20-dollar bills.
By receiving twenty 20-dollar bills instead of one for a $20 cash withdrawal, they would net $380. Collecting fifty 20-dollar bills instead of two twenties and a ten for a $50 withdrawal would net $950.
These two geniuses must have believed they could conjure up money practically at will.
The young criminal masterminds apparently used default operator passcodes listed in owners manuals they found online for ATM cash dispensers built by Tranax and Triton.
Eske and Foster were taken down on their fourth raid at Lobo's City Mex restaurant in August. Having been warned by his ATM servicing company that their cash machine had been fiddled on three previous occasions, the owner's son and manager Raul Lobo was waiting for them when they came in around midday. He recognized the pair from having reviewed earlier surveillance tapes.
"So I locked the doors and told them not to move while I had one of the employees call the cops," Lobo said. He then tried to hold the pair at gunpoint, but they forced the door open and attempted to flee. Lobo pursued them outside and scuffled with one of the scamsters.
Lobo's gun went off in the fight, but luckily the shot didn't hit anyone as the thieves bolted and fled the scene in a rented car.
Lobo jumped in his own car and took off after Eske and Foster. Such a high speed pursuit in the fairly laid back city of Lincoln, Nebraska eventually attracted police notice and the cops soon took up the chase. Eske and Foster were easily captured after they pulled over and tried to run through a building and out the back door in attempting to lose the police.
A search of the scammers' rental car turned up $10,000 in cash. They are suspected of stealing $13,600 in Lincoln and maybe more on their home turf in the New Orleans area.
Such ATM reprogramming thievery first surfaced in Virginia Beach, Virginia in 2006, and has since tipped up in Derry, Pennsylvania and the defendants' hometown of New Orleans.
Both companies had released software patches in 2006 that required new ATM operators to change the default passcodes the first time the machines were used.
Also, an ATM industry association had discovered the security flaw and warned its members more than a year ago.
Eske and Foster might have gotten away with their scam for quite a while if they hadn't fallen into such a rut and gone back to steal from the same restaurant ATM four times. µ
L'Inq
Wired
Share this:
ShareBusiness Intelligence Software
Customer Relationship Management (CRM)
Enterprise Accounting Software
Enterprise Resource Planning (ERP)
Enterprise Systems Management
I enter the passcode, I then make a withdrawal, at end of business there is an error with the amount of money the machine thinks it has.

I do this again, and I leave my calling card, the fact I was one of the customers who made a withdrawal.

After doing this to 4 or 5 machines times surely I will be the only person in that group of suspects.

It sounds like a crime that can only be committed a very limited number of times, because of the trail left behind.

And if someone travelled to a lot of different machines which just happened to have been hit with the dodgy code, then you would need a good reason for why you travelled there. A reason a jury would believe.

If this got mainstream coverage, then it would be funny and possible to get away with because so many people would be doing it. It just seems to me that very soon the police will catch up with the criminal doing this.

Only way I can think of to beat this is to have a fake account, make a deposit and then run around looking for cash machines which don't have video surveillance.

Just playing at being Columbo and the bad guy!
Okay, they are criminals and have obviously watched Terminator II a bit too often, but come on - default passwords ?
Some tech guy should be laid off, or his manager if there were no instruction to change the passwords.
Nobody ever leaves default codes in a machine that accessible to the public by any means. That is basic and obvious.
To pascal Monett-

Default passcodes DID work because people are lazy and don't want to hassle with so many passcodes. I remeber hearing about this a year ago too. I think InQ covered that too. It hit a few of the news sites as a good laugh at stupid techs who forgot to change the passcode.

People are dumb, stupid and lazy. Why are you surprised at this fact?