Fake ATM doesn't last long at hacker meet

Criminals running an ATM card-skimming scam made a big mistake this week: They tried to hit the Defcon hacker conference in Las Vegas.

As the conference was kicking off a few days ago, attendees noticed that at ATM placed in the Riviera Hotel, which plays host to the annual event, didn't quite look right, according to a senior conference organizer who identified himself only as Priest. "They looked at the screen where there would normally be a camera," he said. "It was a little bit too dark, so someone shined a flashlight in there and there was a PC."

What is credit-card skimming?
10 of the worse moments in network security history

The ATM looked like a working system, but when people would put their cards in the machine, it would scan their card information and record the PIN numbers they entered. He didn't know how long the ATM had been at the Riviera.

Conference organizers notified local law enforcement who hauled away the machine on "Thursday or Friday," said Priest, who said he works as a "civil servant" in his day job.

Credit card skimmers -- small devices installed on top of card readers to steal information -- and fake ATM machines are a common problem. Once the criminal records the card information and PIN number, he can use that to create a fake ATM card and then empty the victim's account.

Previously unsophisticated criminal gangs are increasingly using these devices, Priest said. "They're realizing that this is a great way to make money without getting caught."

The criminals probably didn't realize that they were installing their ATM in a hotel that was soon going to be flooded with more than 8,000 security professionals, he added.

They were smart enough to place the machine in one of the few spots in the hotel where there was no security camera to catch them, Priest said. "It was literally right next to the hotel security entrance."

The IDG News Service is a Network World affiliate.