ATMii worm allows you to steal money from ATMs



    Image: William Grootonk , CC BY-SA 2.0

    SC Magazine reported on the discovery of a new family of ATM malware that can be used by cybercriminals to steal all the money stored in it. The worm is called ATMii - devices based on Windows 7 and Vista become its victims.

    ATMii activity was first reported in April 2017. Researchers from Kaspersky Lab who discovered the malware noted the simplicity of its device - the worm consists of only two modules: the first implements the second, which performs unauthorized actions. The injection module is a simple command line application in Visual C.

    In order to infect an ATM, hackers need direct access to it - network or physical (via USB). After installing the worm from an ATM, you can steal all the funds stored in it.

    In order to protect their ATMs, financial institutions should set up a ban on launching third-party code and disable the ability to work with flash drives.

    Such attacks on ATMs are called logical - the attackers who choose this method do not steal user bank card information, do not take the ATM in a pickup truck to saw it in the garage, and do not even blow it up. They transmit commands to the equipment of the ATM and, without causing him physical damage, start the process of issuing money.

    On Thursday, October 19, at 2:00 p.m., Positive Technologies information security researchers Vadim Solovyov and Yaroslav Babin will conduct a free webinar where they will talk about the current ATM security level, discuss ways to gain control over the ATM system by attackers and analyze attack scenarios using examples from their own experience in areas of ATM security analysis and information security incident investigation.

    The webinar is intended for IB and IT professionals working in banks, as well as for vendors that manufacture or supply ATMs and their means of protection.

    To participate in the webinar you need to register .

    Also popular now: