Notifications
Clear all

GAS PUMP SKIMMER!!!

JMT605
(@jmt605)
New Member

I am sure many of you have seen or heard of the infamous gas pump skimmers. Well I have one that was recovered and now I am trying to recover the credit card data from it. I am having a hard time trying to interface a USB port to it. It is a 7 pin molex connector that connects to the inside of the gas pump and captures the credit card data and stores it for alter retrieval. There is another port that looks like a micro USB port but is smaller than a micro USB adapter and its internal connector appears to have been melted partially. It is identical to this one scene on Brian Krebs website....http//krebsonsecurity.com/2010/07/skimmers-siphoning-card-data-at-the-pump/#more-4068

Does anyone have any ideas on how to go about trying to recover the data from this thing? It is not Bluetooth or wireless as some recent press releases may say it is. I can email you pictures of what I have if need be.

Thank you all in advance!

John

Quote
Topic starter Posted : 18/12/2014 11:56 pm
mark_adp
(@mark_adp)
Member

If you can't get the interface to work, perhaps with JTAG test leads if there are any on the PCB? Failing that, it's usefully quite easy to to pop the chip off and read it with a cheap chip reader.

ReplyQuote
Posted : 19/12/2014 2:53 pm
jaclaz
(@jaclaz)
Community Legend

It is identical to this one scene on Brian Krebs website....http//krebsonsecurity.com/2010/07/skimmers-siphoning-card-data-at-the-pump/#more-4068

BUT

It is not Bluetooth or wireless as some recent press releases may say it is.

while the given site says that the represented skimmer is bluetooth ?

jaclaz

ReplyQuote
Posted : 19/12/2014 3:31 pm
JMT605
(@jmt605)
New Member

Definitely not Bluetooth…..that was a typo by the public affairs officer in Alachua County….

To make matters worse, the superglue that our crime scene techs used to process the device for prints melted the usb connector!

ReplyQuote
Topic starter Posted : 19/12/2014 6:09 pm
jhup
 jhup
(@jhup)
Community Legend

That looks like a single layer PCB.

Can you take several crisp pictures of the front and the back and post them? I might be able to tell you more details. The pictures from Kreb's look like screened PCBs, with mostly surface mount pieces. Possibly a commercial product modified.

Are you a Federal LEO? If so, I might be able to get you in contact with some of my lab's brains.

ReplyQuote
Posted : 19/12/2014 7:59 pm
jaclaz
(@jaclaz)
Community Legend

I see. )

To make matters worse, the superglue that our crime scene techs used to process the device for prints melted the usb connector!

Still, that USB connector *must* be a "Commercial/Industrial" component, so finding the schematics or pinout for it should be possible. ?

And, as jhup pointed out, the fact that the PCB has numbers and component symbols printed on it makes it likely that the "origin" is a mass-produced PCB, or at least from the photo on the given site it seems like the PCB and the cabling are at very different levels of craftmanship.

jaclaz

ReplyQuote
Posted : 19/12/2014 8:47 pm
C.R.S.
(@c-r-s)
Active Member

From the photo on Krebs' blog, I'd expect one of the 8-pin components to be a SPI serial flash (probably the one at the top right of the microcontroller), which could be easily dumped when desoldered. However, since the manufacturer may have implemented an encoding or even encryption in the microcontoller firmware, you should first try the "usb" connector (the actual bus can be identified from the specs of the MCU). Maybe it simply gives mass storage access to the flash via usb.
The MCU itself probably provides a SPI interface, possibly highlighted by diagnostic pads on the PCP.
You could also ask the pump manufacturer, what sort of bus system the device taps into. I agree with jhup that it looks like a commercial device (the PCB is clearly designed for a small case), and this information gives you a hint, which commercial data logger the criminals would pick.

ReplyQuote
Posted : 20/12/2014 7:49 pm
dandaman_24
(@dandaman_24)
Active Member

Definitely not Bluetooth…..that was a typo by the public affairs officer in Alachua County….

To make matters worse, the superglue that our crime scene techs used to process the device for prints melted the usb connector!

How on earth has the superglue melted the USB connector. Heat is only applied to the small amount of SG present in the sealed chamber, heated to a maximum of 120degrees in UK cabinets.

Could it not be that 'Mr Bad Guy' has covered his tracks and intentionally damaged the USB ports ?

ReplyQuote
Posted : 22/12/2014 1:18 pm
jhup
 jhup
(@jhup)
Community Legend

Cyanoacrylates will not melt the plastic part of the USB connector. It is the thinner or solvent that comes in the storing packages (often acetone) that causes the target plastics to melt.

That is, to keep "Super glue" viscous, acetone is added to the packaging. The "super glue" is squeezed out of the tube, the acetone evaporates, solidifying the "super glue". While the acetone is evaporating, it can eat away other plastics around the exposed "super glue".

"Super glue" can be used to lift fingerprints from non-porous surfaces specifically using the fumes from them.

ReplyQuote
Posted : 22/12/2014 7:37 pm
mkel2000
(@mkel2000)
New Member

John,

I worked a case involving gas pump skimmers about a year ago in Southern California. At the time, I traced the skimmers that were recovered to a Southern California manufacturer. That company has provided software to the US Secret Service to allow reading of the modified devices. I don't recall the name of the company at the moment, but I could put you in touch with the Glendale, CA detective that worked the case. If you're interested, send me a PM with your contact information. The case I worked involved Armenian organized crime.

Mark

ReplyQuote
Posted : 02/01/2015 8:55 pm
Share:
Share to...