Maker of ATM bombing tutorials blew himself up – Euro cops

Vid filming ended in deadly disaster


A 29-year-old man alleged to have been part of a group that blew up at least 15 cash machines in Germany managed to kill himself and injure an associate last year while filming a video tutorial on how to blow up ATMs, according to European authorities.

Europol in a statement this week said the Dutch and German police had arrested a total of nine suspects over the course of an 18-month investigation that concluded earlier this week.

The inquiry began in February 2020, according to Europol, after authorities in Osnabrück, Germany, took note of unusual orders of ATM machines from a German ATM vendor.

"Special surveillance measures were put in place, which led the investigators to Utrecht, the Netherlands, where a 29-year-old individual and his 24 year-old accomplice were running an illegal training center for ATM attacks," Europol said. "There, the pair was ordering different models of ATMs and recording tutorials on how to most effectively blow them up."

These tutorials were reportedly intended to be presented in-person to like-minded individuals, presumably out of concern that posting the videos to the internet would attract the wrong kind of attention.

In September 2020, the pair were filming one of these tutorials when things didn't go as planned. The 29-year-old died and the 24-year-old was injured and taken into custody, according to Agence France Presse.

A report in the NLTimes last year says that a 29-year-old was killed in an explosion in Utrecht on September 5, 2020. It does not explain the source of the blast and does not mention any other survivors.

The investigation found ties between the bomb video makers and more than 15 attacks on ATMs in Germany estimated to have cost €2.15m (~$2.5m) in lost funds and property damage.

By April 2021, Dutch and German authorities had set up a Joint Investigation Team, with funding from Eurojust, and Europol took part in a separate Operational Taskforce to coordinate the sharing of resources between the two countries.

The investigation wrapped up on September 28, 2021, when a search of seven houses in Utrecht, Amsterdam and the Hague in the Netherlands led to the arrest of three suspects. These three now await extradition to Germany. The six others in custody were arrested during the past year.

In April, the European Association for Secure Transactions (EAST) published a report on ATM crime in 2020. Overall, ATM crime in the EU was down as a result of the social consequences of COVID-19.

"While it is good news to see such a significant fall in terminal fraud attacks, there is concern that explosive attacks at ATMs have only fallen by 6 per cent, and that related losses are up by 39 per cent," said EAST Executive Director Lachlan Gunn in a statement. "The average cash loss for a solid explosive attack is estimated at €28,218, and collateral damage to equipment and buildings can be significant."

There were 923 explosive attacks on ATMs in the EU last year, down from 977 in 2019.

However, malware and logical attacks against ATMs increased 44 per cent during the same period (from 35 to 129). All of these were "Black Box attacks" in which unauthorized hardware sends commands to empty or "jackpot" cash dispensers. ®


Other stories you might like

  • Experts: AI should be recognized as inventors in patent law
    Plus: Police release deepfake of murdered teen in cold case, and more

    In-brief Governments around the world should pass intellectual property laws that grant rights to AI systems, two academics at the University of New South Wales in Australia argued.

    Alexandra George, and Toby Walsh, professors of law and AI, respectively, believe failing to recognize machines as inventors could have long-lasting impacts on economies and societies. 

    "If courts and governments decide that AI-made inventions cannot be patented, the implications could be huge," they wrote in a comment article published in Nature. "Funders and businesses would be less incentivized to pursue useful research using AI inventors when a return on their investment could be limited. Society could miss out on the development of worthwhile and life-saving inventions."

    Continue reading
  • Declassified and released: More secret files on US govt's emergency doomsday powers
    Nuke incoming? Quick break out the plans for rationing, censorship, property seizures, and more

    More papers describing the orders and messages the US President can issue in the event of apocalyptic crises, such as a devastating nuclear attack, have been declassified and released for all to see.

    These government files are part of a larger collection of records that discuss the nature, reach, and use of secret Presidential Emergency Action Documents: these are executive orders, announcements, and statements to Congress that are all ready to sign and send out as soon as a doomsday scenario occurs. PEADs are supposed to give America's commander-in-chief immediate extraordinary powers to overcome extraordinary events.

    PEADs have never been declassified or revealed before. They remain hush-hush, and their exact details are not publicly known.

    Continue reading
  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading

Biting the hand that feeds IT © 1998–2022