Either these thieves were incredibly dumb or have a lot of chutzpah. A hacker attending the Las Vegas Defcon conference over the weekend discovered a bogus ATM that was ripping off users.
The phony ATM machine was located at the Riviera Hotel Casino, the host of DefCon 17, and drew the attention of a conference organizer known only as Priest. He noticed that the ATM screen had a shell without a bank name and that the machine's screen also seemed darker than normal, according to several reports. After closer inspection, Priest discovered a computer behind the screen instead of a camera and determined that the PC was recording the PINs of unsuspecting users.
The thieves may have thought they could pull off the caper by placing the fake kiosk out of the range of security cameras, but they were no match for the 8,000 attendees of the conference. The machine was carted off by the police for further examination.
"This is a very common scam," Priest told Forbes. "At gas stations, this happens a lot."
In an ironic twist, a scheduled presentation titled "Jackpotting Automated Teller Machines" at the conference by Juniper Networks researcher Barnaby Jack was scrapped because of an unnamed ATM vendor, who cited security reasons, according to SC Magazine.
"Considering the scope and possible exposure of this issue on other vendors, Juniper decided to postpone Jack's presentation, until all affected vendors have sufficiently addressed the issues found in his research," Steve Manzuik, Juniper's senior manager of security research, said in a statement.