The stand-alone ATM, similar to the one pictured, was positioned outside the security office and contained a PC set to skim card details and PINs.
Scammers at the Riviera Hotel Casino clearly failed to check the event calendar when the installed a fake cashpoint - and were duly shut down by eagle-eyed hackers attending the DefCon convention.
As reported over on Wired
, the ATM - which was placed in the hotel's conference centre where the DefCon convention was taking place - appeared to be a standard stand-alone unit, sat outside of the range of surveillance cameras. Sadly for anyone that needed a quick buck or two to feed into the slot machines, the device hid a card skimmer - designed to record the account details and PIN of any card inserted.
It isn't known how long the machine was in place, nor who installed it - but it is known that hacker and CEO of Aries Security Brian Markus is responsible for getting it removed. Having spotted that the smoked glass on the front of the unit - which usually hides a small camera positioned to record the face of anyone using the machine for fraud prevention purposes - looked "funny
", he shone a torch at the machine to peek behind the panel. Rather than the expected camera, Markus saw a PC connected to the machine's innards - and recording card information.
Although the ATM was carefully positioned to avoid hotel security cameras, whoever put the device in place clearly had a sense of irony as it was placed directly outside the hotel's security office - with none of the security employees any the wiser that something was amiss until Markus pointed out his suspicions.
The ATM has since been removed by hotel security staff, and an investigation is taking place to discover exactly how long the skimmer was in place - and hopefully find those responsible.
Do you think that the crooks behind this scheme had the worst timing - trying to scam a hacker convention - or could it have been placed by one of the conference attendees in order to teach his fellow hackers a lesson in information security? Share your thoughts over in the forums