Hackers have stolen 12.29 million baht from Government Savings Bank’s 21 ATMs in Bangkok and southern provinces of Thailand since August 1.
The thefts have forced the GSB to suspend indefinitely the services of about 4,000 ATMs which were manufactured by a Scottish company.
The malware attacks were deemed to have been targeting single machines to remain undetected for as long as possible. It is unknown how long the affected machines had been infected.
After these revelations, the bank closed its ATM network supplied by the affected vendor and uncovered 16 more machines infected with malware, costing it around $350,000 in missing cash.
According to Microsoft, among the 25 countries in the world that are most targeted with malware attacks, Thailand has been identified as one of the key countries within Asia-Pacific.
In Thailand, the prime targets are government websites. This observation is based on the recent assaults that Anonymous an international hacker group launched to object the single gateway scheme of the government.
GSB director Mr Chartchai Payuhanaveechai said Tuesday that the bank had suspended the services of the Scottish-made ATMs on August 8 after officials found out that 21 of the ATMs had been hacked with the use of Malware programme.
The GSB wants to inform the public and customers about the reason behind the closing of some ATM machines and to prevent more damage to the bank. This theft is not related to customers’ accounts and money,”
Mr Chartchai said.
The hackers withdrew 40,000 baht each time from six ATMs in Phuket, two each in Surat Thani, Chumporn, Prachuab Khiri Khan and Petchaburi and five in Bangkok in Sukhumvit and Vibhavadi Rangsit areas.
Mr Chartchai said the bank had notified the Bank of Thailand about the electronic thefts so that commercial banks which have in their services similar brand of ATMs be warned and taken appropriate preventive measures.
There are about 10,000 ATMs in service in Thailand, including about 4,000 of the GSB.He said that the stolen money belong to the bank, not the customers, so GSB would demand compensation from the manufacturer of the machines.
In 2014 nearly 100 Thai Government websites were hacked and used to serve malware last month. More than 500 distinct attacks were launched from these websites, representing about 85% of all government-hosted malware in the world according to study revealed by Netcraft.
Seven of the hacked sites belong to Thai police forces, such as the Narathiwat Provincial Police website at narathiwat.police.go.th, where hackers have appended a large chunk of malicious VBScript to the page shown below.