Infected ATMs are giving away millions of dollars without credit cards being anywhere near them.
Research by Kaspersky Lab found a piece of malware infecting ATMs that allowed attackers to empty the cash machines via direct manipulation, stealing millions of dollars. The attack works by criminals gaining physical access to the ATMs and inserting a bootable CD to install the malware. This has been named Tyupkin. After this they reboot the system, and the infected ATM is under their control.
After a successful infection, the malware runs in an infinite loop waiting for a command. To make the scam harder to spot, Tyupkin malware only accepts commands at specific times on Sunday and Monday nights. During those hours the attackers are able to steal money from the infected machine.
Video footage obtained from security cameras at the infected ATMs revealed the methodology used to access cash from the machines. Interpol has informed those countries who are affected.
VIEW FULL STORY
