Post by Admin on Oct 8, 2014 7:36:14 GMT -9
Crooks using malware to steal millions from cash machines
by Dan Worth
08 Oct 2014
rs
Cash machines are spewing out millions to criminals
Criminals are using malware to infect cash machines and steal millions in ready money, Kaspersky Lab has revealed.
The campaign was uncovered after Kaspersky was contacted by an unnamed financial institution that had been hit by the attack.
So far the malware has been found on over 50 ATMs at banking institutions in eastern Europe. It is also thought to have spread to the US, India and China.
The scam works by gaining physical access to the ATM and inserting a CD that contains the malware, codenamed Tyupkin by Kaspersky.
Once installed, the crooks can reboot the system and control the machine. Using a unique code, they then log-in to the system and force it to hand over the cash.
The attackers have used some clever methods to avoid detection. The malware is operable only on Sunday or Monday nights, and requires a code generated randomly from another location and provided to the ‘money mule’ at the ATM.
Kaspersky said this ensures that the crooks in charge do not have to worry about a member of the public somehow being given cash, or a subordinate attempting to ‘go rogue’ and use the machine when they want. A video below show the hack in action.
Kaspersky urged financial firms to take immediate action on the threat. This included replacing the physical locks on ATMs, installing alarms, changing the default BIOS password and installing anti-virus software.
“The Tyupkin malware is an example of the attackers taking advantage of weaknesses in the ATM infrastructure,” said Vicente Diaz, principal security researcher at Kaspersky Lab’s Global Research and Analysis Team.
“Over the last few years, we have observed a major upswing in ATM attacks using skimming devices and malicious software. Now we are seeing the natural evolution of this threat with cyber criminals moving up the chain and targeting financial institutions directly."
Sanjay Virmani, director of the Interpol Digital Crime Centre, said the latest threat underlined the myriad risks faced by organisations.
“Offenders are constantly identifying new ways to evolve their methodologies to commit crimes, and it is essential that we keep law enforcement in our member countries involved and informed about current trends and modus operandi,” he said.
by Dan Worth
08 Oct 2014
rs
Cash machines are spewing out millions to criminals
Criminals are using malware to infect cash machines and steal millions in ready money, Kaspersky Lab has revealed.
The campaign was uncovered after Kaspersky was contacted by an unnamed financial institution that had been hit by the attack.
So far the malware has been found on over 50 ATMs at banking institutions in eastern Europe. It is also thought to have spread to the US, India and China.
The scam works by gaining physical access to the ATM and inserting a CD that contains the malware, codenamed Tyupkin by Kaspersky.
Once installed, the crooks can reboot the system and control the machine. Using a unique code, they then log-in to the system and force it to hand over the cash.
The attackers have used some clever methods to avoid detection. The malware is operable only on Sunday or Monday nights, and requires a code generated randomly from another location and provided to the ‘money mule’ at the ATM.
Kaspersky said this ensures that the crooks in charge do not have to worry about a member of the public somehow being given cash, or a subordinate attempting to ‘go rogue’ and use the machine when they want. A video below show the hack in action.
Kaspersky urged financial firms to take immediate action on the threat. This included replacing the physical locks on ATMs, installing alarms, changing the default BIOS password and installing anti-virus software.
“The Tyupkin malware is an example of the attackers taking advantage of weaknesses in the ATM infrastructure,” said Vicente Diaz, principal security researcher at Kaspersky Lab’s Global Research and Analysis Team.
“Over the last few years, we have observed a major upswing in ATM attacks using skimming devices and malicious software. Now we are seeing the natural evolution of this threat with cyber criminals moving up the chain and targeting financial institutions directly."
Sanjay Virmani, director of the Interpol Digital Crime Centre, said the latest threat underlined the myriad risks faced by organisations.
“Offenders are constantly identifying new ways to evolve their methodologies to commit crimes, and it is essential that we keep law enforcement in our member countries involved and informed about current trends and modus operandi,” he said.