Check for ATM Skimmers with NetworkToolbox

atm2Nowadays, ATM Skimmers use Bluetooth to transfer your stolen credit/debit card details and PIN code.

Brian Krebs today talked about this in a great story where he visited some Hotels in Mexico (even one I stayed in a few years ago) and found several Bluetooth Skimmers.

The hacked ATMs are using Bluetooth modules that are used to download the collected data from the Skimmer inside the ATM. This way, the criminals don’t need to get very close to the ATM to download the stolen data.

Even though this is another scary escalation of the Skimmer technology, the Bluetooth modules can be discovered even by NetworkToolbox. The Modules Brian found are standard Bluetooth modules from a company called Free2Move and that’s also the name these Bluetooth devices are propagating.

There are Bluetooth Modules available for Bluetooth 1.0, 2.0 and even 4.0 (LE) so you will have to discover all three standards. Bluetooth 1.0 and 2.0 devices can simply be discovered by going to the Settings screen of your iPhone, select Bluetooth, switch Bluetooth on if it’s off and wait if your iPhone discovers new Bluetooth devices around you. If you see “Free2Move” when standing close to the ATM you may better want to look for another ATM.

For Bluetooth 4.0 or Bluetooth LE (Low-Energy) you can use the Bluetooth Scanner which is included in NetworkToolbox (Please note: you need to have at least an iPhone 4s for this). Just run a Scan and check the names of the discovered devices and look for “Free2Move” or anything else that doesn’t look obvious.

Of course, the Criminals can change the name but so far, the Skimmers found by Brian Krebs can be discovered this way. At least I will try it whenever I am using an ATM and will let you know once I find a Skimmer or once I got suspected as criminal when standing in front of the ATM and do my scanning ;-).

Don’t trust the evil,

have a secure day,

Marcus