The gang is understood to have added tiny circuit boards to chip and pin machines during or shortly after the manufacturing process.
Three circuits embedded in a metal card were added, enabling the machine to transmit a credit or debit card’s details to a third party.
The first circuit is designed to copy the card’s details and pin number before the device has time to encrypt the information.
The second takes that information, encrypts it and stores it in a buffer. The third circuit acts as a tiny mobile phone transmitting the stored data to a computer in Lahore, Pakistan, where it is decrypted. The stolen data is then used to make cloned cards.
A source close to the investigation said: “In some cases it called in once a day, in others as little as once a week. It
would say to the computer: here are the 50 card details I’ve stolen this week. How many and what type do you want me to steal next?
“It would then receive new instructions and act on them. It would act like a tick: it would continually sift blood without necessarily being noticed by its host.”
To remain discreet, the criminals would tailor the sums they stole to the type of store a corrupted machine was operating from.
“If it ended up in a small shop that only did a few thousand pounds of business a week, they would probably keep the amount of money drained very small. Whereas if a machine ended up in a high-value electronics store, they could crank it up and make it steal more money,” said the source.
Additional reporting by Patrick Sawer in London