http://krebsonsecurity.com/2014/10/spike-in-malware-attacks-on-aging-atms/
By Brian Krebs
Krebs on Security
October 20, 2014
This author has long been fascinated with ATM skimmers, custom-made fraud
devices designed to steal card data and PINs from unsuspecting users of
compromised cash machines. But a recent spike in malicious software
capable of infecting and jackpotting ATMs is shifting the focus away from
innovative, high-tech skimming devices toward the rapidly aging ATM
infrastructure in the United States and abroad.
Last month, media outlets in Malaysia reported that organized crime gangs
had stolen the equivalent of about USD $1 million with the help of malware
they’d installed on at least 18 ATMs across the country. Several stories
about the Malaysian attack mention that the ATMs involved were all made by
ATM giant NCR. To learn more about how these attacks are impacting banks
and the ATM makers, I reached out to Owen Wild, NCR’s global marketing
director, security compliance solutions.
Wild said ATM malware is here to stay and is on the rise.
BK: I have to say that if I’m a thief, injecting malware to jackpot an ATM
is pretty money. What do you make of reports that these ATM malware
thieves in Malaysia were all knocking over NCR machines?
OW: The trend toward these new forms of software-based attacks is
occurring industry-wide. It’s occurring on ATMs from every manufacturer,
multiple model lines, and is not something that is endemic to NCR systems.
In this particular situation for the [Malaysian] customer that was
impacted, it happened to be an attack on a Persona series of NCR ATMs.
These are older models. We introduced a new product line for new orders
seven years ago, so the newest Persona is seven years old.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
