Hackers Stole Millions From ATMs with Malware
| Marc Maligalig | | Oct 10, 2014 04:02 PM EDT |
(Photo : Kaspersky)
Researchers from Kaspersky Lab announced Tuesday that Backdoor.MSILTyupkin, a malicious program designed to work on Automatic Teller Machines that are running the 32-bit version of Windows, was used by hackers to steal millions of dollars.
Instead of exploiting software vulnerabilities in the machines from afar, the cyber criminals put the malware into the ATMs by gaining access to controls which are usually guarded by a locked panel.
Like Us on Facebook
The malicious code was installed by inserting a bootable CD into the ATM, and then "the criminals reboot the system and the infected ATM is under their control," Vicente Diaz, the principal security researcher at Kaspersky Lab said through email.
"This operation allows the criminals to play with the ATM software in the way that they need to," Diaz said. "So it's a completely different threat level, where software protection doesn't work."
The software security firm refused to disclose the name of the targeted vendor, citing a current investigation by Interpol into the compromises.
The researchers said the malware, nicknamed Tyupin, was discovered in 50 ATMs operated by banking companies in Eastern Europe. Samples of the bad code, however, have been uploaded to VirusTotal from other countries, including China, India and the United States, suggesting that the malware was used in those areas of the world as well.
The hackers took several precautions to avoid detection in the incidents that were investigated by Kaskersky. Tyupin, for example, was configured to just accept commands given via the PIN pad during Sunday and Monday evenings.
To be able to open the interface of the program, which shows the number of bills and denominations left in the ATM's cassettes, the hackers are required to input unique session keys every time. An algorithm only known to the cyber criminals generate the special keys, which wards off others from accessing the malware. The program's interface lets the user force the machine to give out up to 40 bills at a time from one of the ATM's cassettes.
TagsKaspersky, Kaspersky Lab, hackers, ATM, BANK, banking, Malware, Cybercriminals, cybercrime, Tyupin
©2015 Chinatopix All rights reserved. Do not reproduce without permission
EDITOR'S PICKS
-
Did the Trump administration just announce plans for a trade war with ‘hostile’ China and Russia?
-
US Senate passes Taiwan travel bill slammed by China
-
As Yan Sihong’s family grieves, here are other Chinese students who went missing abroad. Some have never been found
-
Beijing blasts Western critics who ‘smear China’ with the term sharp power
-
China Envoy Seeks to Defuse Tensions With U.S. as a Trade War Brews
-
Singapore's Deputy PM Provides Bitcoin Vote of Confidence Amid China's Blanket Bans
-
China warns investors over risks in overseas virtual currency trading
-
Chinese government most trustworthy: survey
-
Kashima Antlers On Course For Back-To-Back Titles
MOST POPULAR
LATEST NEWS
Zhou Yongkang: China's Former Security Chief Sentenced to Life in Prison
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
TRENDING STORY
China Pork Prices Expected to Stabilize As The Supplies Recover
-
Elephone P9000 Smartphone is now on Sale on Amazon India
-
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
-
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
-
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?
