MY KOLKATA EDUGRAPH
ADVERTISEMENT
regular-article-logo Monday, 05 May 2025

Rs 40 lakh withdrawn from ATMs detached from bank server

All three automated teller machines — in New Market, Jadavpur and Cossipore — were unmanned

Our Special Correspondent Published 31.05.21, 01:58 AM
The ATM in New Market

The ATM in New Market Telegraph picture

Around Rs 40 lakh was fraudulently withdrawn from three ATMs of a private bank between May 14 and 22 after detaching the machines from the bank’s server, police said on Sunday.

All three ATMs — in New Market, Jadavpur and Cossipore — were unmanned.

ADVERTISEMENT

Investigations revealed that the fraudsters had opened the “hood” of the ATMs and identified the cable that connected each machine to the bank’s server, an officer said.

“This is called the ‘man-in-the-middle (MiTM)’ attack that involves inserting a small device in the machine to create a proxy server. The ATM is thus disconnected from the bank’s server and it starts taking commands from the proxy server,” said an officer of Calcutta police.

Three such cases were reported in the city between May 14 and 22, the officer said.

When a user keys in the secret PIN and the amount he or she wants to withdraw, the ATM sends the commands to the bank’s server through “end-to-end encrypted” communication.

“The server reads the command and sends a ‘reply’ to the ATM to validate or decline the transaction. By setting up a proxy server, it becomes possible to get a transaction validated even without connecting to the bank’s server. Once the ATM gets connected to the proxy server, one can withdraw money keeping the bank in the dark,” the officer said.

A string of similar cases was reported in Delhi a few weeks ago, following which all banks were asked by the Reserve Bank of India to upgrade their security features in the ATMs and further secure the end-to-end encrypted communication between the ATMs and the banks.

An official of the bank defrauded in Calcutta told the police that the management knew that the end-to-end encryption in the communication between ATMs and the bank’s server had been breached and alerted the private company hired to maintain the ATMs.

“The company apparently did not upgrade the system,” a police officer said. Sources said the police would question officials of the company.

The bank has mentioned in its complaint to the police that Rs 18.8 lakh was withdrawn from an ATM in the New Market area, Rs 13.8 lakh from an ATM in Jadavpur and Rs 7 lakh from an ATM in Cossipore.

Sleuths have collected footage of CCTV cameras in the ATMs and adjoining areas. They will also examine the footage of CCTV cameras in the ATMs in Delhi subjected to MiTM attacks.

A few years ago fraudsters had used skimming machines to fraudulently withdraw money from several ATMs in Calcutta and duped more than 100 customers who had unknowingly swiped their cards through the skimmers installed in the machines. The skimmers were designed in a way that they collected all data from the ATM cards that were swiped through them.

After that, almost all ATMs in the city installed a burglar’s alarm that would be activated if anyone tried to break or tamper with the machine.

“From the way the MiTM thefts were executed, it is clear that at least one insider who has full knowledge about the machine’s technology was involved in the crime,” said a police officer.

Follow us on:
ADVERTISEMENT

J&K: Man picked up by Army found dead in Kulgam, Valley leaders allege 'foul play'

Police claimed that Magray, who 'confessed' to being an overground worker (OGW) for terrorists, tried to escape while leading security forces to a hideout in a forest area
PM Modi (L) and Vaibhav Suryavanshi
Quote left Quote right

I have seen the son of Bihar Vaibhav Suryavanshi's spectacular performance in IPL

READ MORE
ADVERTISEMENT