The Malware that captures account numbers and PINs from the ATM transaction logs and then delivers it to the thief on a receipt printed from the machine in an encrypted format or to a storage device inserted in the card reader has been found from windows XP based automatic teller machines in Russia and Ukraine.
The malware was found on 20 ATM’s in Russia and Ukraine that were all running Microsoft’s Windows XP operating system. At least one machine was infected as early as July 2007. The researchers said that the hacker released upgraded version of the Malware since then and perfected it.
The Malware contains advanced management functionality allowing the attacker to fully
control the compromised ATM through a customized user interface built into the malware. The attacker needs an inside help to infect the machine with Malware. Once that’s done, attackers can insert a control card into the machine’s card reader to trigger the Malware. The hacker can also instruct the machine to eject whatever cash is inside the machine.
More details about the attack at
https://www.trustwave.com/downloads/alerts/Trustwave-Security-Alert-ATM-Malware-Analysis-Briefing.pdf
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.