Bruce Schneier, New Chip-and-Pin Scam in the UK:
The readers were hacked when they were were built, “either during the manufacturing process at a factory in China, or shortly after they came off the production line.” It's being called a “supply chain hack.”
Sophisticated stuff, and yet another demonstration that these all-computer security systems are full of risks.
BTW, what's it worth to rig an election?
Now “that” is scary stuff, after reading all the comments on Schneier.com it appears the data was sent via embedded GSM units in to Pakistan. That’s pretty hard to defend against, and who knows how many more of these units are floating around.
This attack could be used on any card swipe devices including secure card swipe entries etc.