Trustwave’s SpiderLabs performed an analysis of malicious software (malware) found installed on compromised ATMs (Automated Teller Machines) in the Eastern European region. This malware captures magnetic stripe data and PIN codes from the private memory space of transaction-processing applications installed on a compromised ATM. The ATMs compromised by the malware ran Microsoft’s Windows XP operating system … Does your ATM run Windows XP?
The malware contains advanced management functionality allowing the attacker to fully control the compromised ATM through a customized user interface built into the malware. This interface is accessible by inserting controller cards into the ATM’s card reader.
SpiderLabs analysts do not believe the malware includes networking functionality that would allow it to send harvested data to other, remote locations via the Internet.
The malware does, however, allow for the output of harvested card data via the ATM’s receipt printer or by writing the data to an electronic storage device (possibly using the ATM’s card reader).
Analysts also discovered code indicating that the malware could eject the cash dispensing cassette.
Major Australian banks, such as the Commonwealth Bank, are currently running Windows XP on their ATM networks. This new type of malware could be used here in Australia, where economic conditions make fraudulent activity appealing … Why bother going to the trouble of breaking into or stealing an ATM when you can just hire a 14-year-old kid to hack into one!
Learn more about this issue by reading Trustwave’s Malware Briefing.
Additional references: wired.com, cnet.com, computerworld.com



#1 by Colin P on July 14th, 2009 - 1:45 pm
This article scares the b’jesus out of me, but gives me a little thrill too. The latent hacker in me imagines skimming 1 cent a day from all the vulnerable ATMs and then have the money transferred to an online account… I’m rich I tells ya, rich!!!