There has been an update to the original story I posted the other day, it now appears that there is a dollar value with the thief. Released court documents put the loss between $200,000 and $400,000! that’s a whole lot of ATM withdraws.
There was some interesting information about the malware and the ATM’s that I did find. On newer ATM’s (After 2004) encrypt the PIN as it’s leaving the pad, I would like to know the details on how that works. If a PIN is 4-8 digits that’s only 32 – 64 bits, that should be pretty easy to create a rainbow table with such a small pool of numbers to work with, or even figure out the encryption method if you already have physical access to the ATM.