14 ATMs In Three States Were Hacked To Steal Up To RM3 Million

This is the first time a computer virus was used to steal money from banking institutions in Malaysia.

Cover image via

ATM Hackers Hit Three More Banks To Steal Almost RM450,000

The automated teller machine (ATM) hacking blitz continues with three more banks reporting losses to Latin American gangs on Tuesday evening.

ATMs at three more bank branches have been hacked and almost RM450,000 stolen as police launched a nationwide hunt for the Latin American suspects responsible for the thefts. The spate of ATM hacks continued with the United Overseas Bank (UOB) branch in Jalan Imbi yesterday reporting a RM92,900 theft by one of the hackers.

According to the source, the bank manager realised that the money was missing from one of its automated teller machines (ATM) after the officers carried out a routine balance audit at 9.20am yesterday.

“When he reviewed the closed-circuit television recordings (CCTV), he noticed that about 8.30am the day before, an unidentified man had entered the bank and taken out his handphone in front of the bank’s ATM. “The same man was seen entering the bank four times on that day itself, each time clad in different clothes. He was also seen making withdrawals without pressing any buttons.”

In Malacca, bank managers of the Affin Bank and Al Rajhi Bank branches in Taman Melaka Raya lodged police reports saying that their ATMs were missing a total of RM355,570 in cash. The Al Rajhi Bank branch reportedly lost RM232,770, which was withdrawn by two suspects, while the Affin Bank branch lost RM122,800 to three suspects.

So far, there have been 18 reported cases of ATMs being hacked into, with about RM3.1mil in cash drained out of the machines.

30 Sept: Police Release Photos Of Suspected ATM Hackers Who Stole RM3 Million

Police have released images of some of the suspects who drained out stacks of cash from ATMs in branches belonging to Affin Bank, Al Rajhi Bank and Bank Islam.

The images were from the close circuit television cameras installed at several ATM kiosks where the crime took place.

Bukit Aman vowed on Tuesday to bring to justice the Latin American hackers who stole about RM3mil by hacking into automated teller machines (ATM) in three states over the weekend.

Over The Past Week, 14 ATMs In Three States Were Hacked With Almost RM3 Million Stolen

Image via

A Latin American gang exploited flaws in the authentication process to hack into at least 14 automated teller machines (ATM) in Selangor, Johor and Malacca and got away with almost RM3mil.

The ATMs hit over the past week were those at the branches of the Affin Bank, Al Rajhi Bank and Bank Islam but individual accounts of the banks were not breached.

Affin Bank Bhd, Affin Islamic Bank Bhd And Al Rajhi Bank ATMs In Selangor, Johor And Melaka Fell Victim To The Crime

The three banks were Affin Bank Bhd, Affin Islamic Bank Bhd and Al Rajhi Bank — though the Affin units might be seen as one group.

Police said Latin American hackers targetted the Al-Rajhi Bank and Bank Islam branches in Petaling Jaya, Klang, Kajang, Shah Alam and Puchong using SIM cards to hack into the ATMs.

The affected ATMs are located in Johor Baru, Batu Pahat and Taman Molek (all in Johor), Melaka Raya as well as PJ State and USJ in Selangor, the statement said.

Police Suspects A Latin American Gang Is Behind The Heist. CCTV Captured Two Latin American Men Taking Turns To Withdraw Money At The Bank.

Closed-circuit television (CCTV) footage from the Petaling Jaya and Subang Jaya robberies showed two Latin American men taking turns to enter the banks and withdraw money by inserting the SIM cards into the machines’ slot.

He said that with a large number of gang members, the syndicate was able to deploy accomplices to the three states to execute the heists simultaneously.

The Syndicate Used A Computer Virus To Hack Into The ATM Software. The Virus Would Issue Instructions To Make Withdrawals On The Amount Left In The Machine.

The thieves, hacked into the software which controlled the ATMs rather than any forced prying open of the vault where the money was stored.

The syndicate that preyed on bank Automated Teller Machines (ATMs) the last two days used a computer virus known as ‘ulssm.exe..’ to steal money. Information obtained from the systems engineer of a bank indicated that up to 40 notes could be taken out in a single transaction using the method.

Federal police Commercial Crimes Investigation Department director Mortadza Nazerene said the virus would issue instructions to make withdrawals on the amount still left in the ATM being hacked.

“The suspects were found to have opened the top panel of the machine without using a key and inserted a compact disc into the machine’s processing centre which caused the ATM’s system to reboot,” he told Bernama here today. He said they then used a keyboard to hack into the system and take out money.

That was not the only thing the syndicate did as they were said to have used a SIM card as well as other high tech devices to carry out their plan.

The Thieves Would Then Key In, Say, RM100 Withdrawals But The ATM Would Dispense RM1,000 Or More. They Had To Make Multiple Withdrawals To Empty The Cash From The ATM Vault.

According to police, the thieves would key RM100 withdrawals, but the ATM would instead give out RM1,000 or higher amounts based on the upper limits programmed into the ATM software. Due to this maximum cash output limit, the thieves had to make multiple withdrawals of 10 or more to empty the cash from the ATM vault.

As this took time, the suspects were believed to have taken turns in making the withdrawals to avoid raising suspicions among anyone who might notice them.

It is learnt that the group targeted ATMs using old operating systems.

The Modus Operandi Was First Detected In Johor On Friday, 26 Sept. By Monday, Nine ATMs In The Klang Valley Had Been Hit.

The modus operandi was first detected at an Affin Bank branch in Johor early Friday. By Monday, at least nine ATMs in the Klang Valley had been hit. The bank managers only detected the robberies on Monday after performing an audit on the cash balance in their ATMs.

"Although the two cases in Malacca and Kota Damansara were only reported today, we believe the syndicate had carried out the theft around the same time during the weekend. "This is because they knew that the bank and the authorities would already be on high alert once the thefts were detected. The bank would have boosted their security by then," said Kamaruddin.

This Is The First Time In Malaysia That A Computer Virus Was Used To Steal Money From Banking Institutions

"This is not the first time a virus was used to steal money from banking institutions. Similar cases have also been reported in other countries. This, however, is a first for Malaysia," Bukit Aman's Cyber Crime and Multimedia Investigation deputy director SAC Mohd Kamarudin Md Din said.

"We found it when we were going through the system. The virus had rebooted the ATM system and allowed the syndicate to withdraw money multiple times from the targeted machines," said Kamaruddin.

Bank Customer's Accounts Were Not Compromised During The Heist As The Virus Was Created To Only Override The ATM's System

It was understood that the virus was created only to override the ATM's system and not the other banking system and facilities. Police said bank accounts, belonging to individuals, were intact.

No customer account balances were compromised during the spate of automated teller machine (ATM) hacks in Affin Bank, Al Rajhi Bank and Bank Islam over the weekend, said the Association of Banks Malaysia.

However, Association Of Banks Malaysia Says Efforts Are Being Made To Secure Customers' Data

Association of Banks Malaysia Executive director Chuah Mei Lin said member banks were now stepping up efforts on security to protect customers’ data, following reports of ATMs in 14 bank branches in Selangor, Johor and Malacca being hacked by a Latin American gang, who stole over RM3 mil in just two days.

“Members of the public are welcome to contact us at our ABMConnect hotline by dialing 1-300-88-9980 or emailing us at eABMConnect by logging on to our website,,” she said in a statement, Tuesday.

The Police Has Launched Ops Godam ATM To Track Down The Culprits

After the spate of ATM thefts were reported yesterday, police launched a special operation to track down the culprits. A special squad comprising officers from Bukit Aman and state contingents have been deployed under Ops Godam ATM.

On Monday, They Busted A Latin American Gang Of House Burglars Whom They Believe Are Also Responsible For The ATM Heist

Image via

Police have busted a Latin American gang of house burglars, believed to be responsible for dozens of break-ins around the Klang Valley. This comes after two raids in houses in Subang Avenue and USJ 19, where Shah Alam police nabbed seven Latin American suspects and recovered a treasure trove of stolen goods worth RM200, 000.

Six men and a woman were detained by police last Friday in two raids in Subang Avenue and USJ19, following two weeks of surveillance. Shah Alam police chief ACP Azisman Alias said the seven, claiming to be from Panama and Guatemala, could be members of the infamous Latin American ATM gang.

“During the raid on one of the houses, we found a large cable belt normally used by gangs to cart away ATMs. So we believe some of the suspects could be involved in theft of money from ATMs.”

Police Are Finding It Difficult To Make Progress In The Investigation As The Suspects Claimed They Do Not Understand English

However, police are finding it difficult to make progress in investigations because the suspects are not cooperating.

"They are being very difficult, claiming that they do not understand English. We doubt it though. “How can you come all the way to a foreign country and not know a language like English. We are working on getting a translator to speak with them. “Even more perplexing was how the suspects got into the country,” he said. "It is quite mysterious and we will have to work with Immigration on it.

All Banks Nationwide Have Been Urged To Immediately Inspect And Secure Their ATM Machines

All banks nationwide have been urged to immediately inspect and secure automated teller machines (ATM) to curb hacking of such machines.

Federation of Malaysian Consumers Associations (Fomca) secretary-general Datuk Paul Selva Raj said if action was not taken, banks could face a loss of confidence by customers to save with such institutions. "The case is serious as most Malaysians are bank customers. "Banks need to take such crimes seriously as they could spread," he told Bernama here today.

Leave a comment