Security Affairs
US and allied Governments’ Recommendations: Securing Network Devices Against Russian APT Groups|Chaotic Eclipse Unveils LegacyHive Exploit Affecting Fully Patched Windows Systems|AsyncAPI npm Supply Chain Attack: Malware Injected Into Packages With 2 Million Weekly Downloads|U.S. CISA adds SonicWall and Microsoft flaws to its Known Exploited Vulnerabilities catalog|SonicWall warns of active exploitation of two SMA 1000 zero-days|Patch Tuesday security updates for July 2026, the largest update ever. 621 CVEs in one month|U.S. Treasury Sanctions VPN Provider and Cryptor Seller Behind Billions in Ransomware Losses|Attacker Used AI to Build Custom PowerShell Recon Malware|Malware Hits Japan’s Largest Taxi Company Nihon Kotsu, Services Temporarily Suspended|CrashStealer: New macOS Infostealer Uses Signed Apps to Evade Gatekeeper|Lidl Notified Online Shop Customers in Germany, Belgium, and the Netherlands of a Data Breach|U.S. CISA adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog|US and allied Governments’ Recommendations: Securing Network Devices Against Russian APT Groups|Chaotic Eclipse Unveils LegacyHive Exploit Affecting Fully Patched Windows Systems|AsyncAPI npm Supply Chain Attack: Malware Injected Into Packages With 2 Million Weekly Downloads|U.S. CISA adds SonicWall and Microsoft flaws to its Known Exploited Vulnerabilities catalog|SonicWall warns of active exploitation of two SMA 1000 zero-days|Patch Tuesday security updates for July 2026, the largest update ever. 621 CVEs in one month|U.S. Treasury Sanctions VPN Provider and Cryptor Seller Behind Billions in Ransomware Losses|Attacker Used AI to Build Custom PowerShell Recon Malware|Malware Hits Japan’s Largest Taxi Company Nihon Kotsu, Services Temporarily Suspended|CrashStealer: New macOS Infostealer Uses Signed Apps to Evade Gatekeeper|Lidl Notified Online Shop Customers in Germany, Belgium, and the Netherlands of a Data Breach|U.S. CISA adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Undetectable ATM shimmers used to steal Chip Based Card worldwide

Crooks continue using skimmers in card frauds, these devices are becoming even more sophisticated, last wave of attacks leverages on so-called Shimmers. Crooks continue to skimmers in payment card frauds, these devices are becoming even more sophisticated. The number of cyber attacks against ATM involving so-called ‘insert skimmers’ is increasing. Insert Skimmers are wafer-thin fraud devices designed to fit […]

SHIMMERS Dark_THUMBNAIL

Crooks continue using skimmers in card frauds, these devices are becoming even more sophisticated, last wave of attacks leverages on so-called Shimmers.

Crooks continue to skimmers in payment card frauds, these devices are becoming even more sophisticated.

The number of cyber attacks against ATM involving so-called ‘insert skimmers’ is increasing. Insert Skimmers are wafer-thin fraud devices designed to fit invisibly inside the ATM card slot.

Insert Skimmers are able to capture card data and store it on an embedded flash memory.

In July, the popular investigator Brian Krebs reported in some cases the use of insert skimmers that were able to transmit stolen card data wirelessly via infrared.

The infrared is a short-range communication technology, every day we use it when we change TV program with a television remote control.

Krebs cited a case that has happened a few weeks before in the Oklahoma City metropolitan area where at least four banks were victims of ATM attacks involving insert skimmers.

Latest warning is arriving from Canada where experts observed a new wave of attacks using sophisticated ATM skimming devices called ‘Shimmers.’ The Shimmers are skimming devices that could be used to steal data from chip-based credit and Debit cards while cardholders use them in POS (Point-of-sale) terminal.

Shimmers, and more in general insert skimmers are substituting bulkier skimmers, as explained by Const. Alex Bojic of the Coquitlam RCMP economic crime unit.

SHIMMERS Dark_THUMBNAIL

“A major Coquitlam business now includes daily testing of its computerized point-of-sale terminals as part of its security routine. On January 11, 2017, one of those routine daily checks found that a test card was sticking inside the terminals. When the terminals were opened, they contained four very slim, plastic card ‘shimmers’ that contained microchips meant to illegally capture the banking data on your credit or debit cards. If the data had been successfully stolen it could have been used to create fake credit or debit cards.” reads the blog post published by the Coquitlam RCMP economic crime unit.

“The Coquitlam RCMP Economic Crime Unit (ECU) says these new, tiny card shimmers make the once-bulky, overlay systems called ‘skimmers’ virtually obsolete. You can’t see a shimmer from the outside like the old ‘skimmer’ versions says Cst. Alex Bojic of Coquitlam RCMP ECU, businesses and consumers should immediately report anything abnormal about the way their card is acting. That’s especially true if the card is sticking inside the machine.

insert skimmers

The shimmers have been used in attacks against POS Machine located in retailed stores and other public areas.

“Most skimming devices made to steal credit card data do so by recording the data stored in plain text on the magnetic stripe on the backs of cards. A shimmer, on the other hand, is so named because it acts a shim that sits between the chip on the card and the chip reader in the ATM or point-of-sale device — recording the data on the chip as it is read by the underlying machine.” wrote Krebs.

The crimes were initially reported in in Canada, but law enforcement is warning financial institutions worldwide.

The shimmers work by fitting inside a card reader, then they are able to record information from chip cards.

The ATM shimmers attacks exploit the fact that some financial institutions apparently don’t correctly implement the EMV chip card standard.

According to gbhackers.com, ATM giant NCR Corp wrote in a 2016 alert that an essential condition for the success of this attack is if a bank card “issuer neglects to check the CVV when authorizing a transaction”.

“All issuers MUST make these basic checks to prevent this category of fraud. Card Shimming is not a vulnerability with a chip card, nor with an ATM, and therefore it is not necessary to add protection mechanisms against this form of attack to the ATM.”

[adrotate banner=”9″] [adrotate banner=”12″]

 

Pierluigi Paganini

(Security Affairs – insert skimmers, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]