Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Cybercriminals refine data-sniffing software for ATM fraud

The malware, which steals PINs and card data, works on ATMs running Windows XP

Cybercriminals are improving a malicious software program that can be installed on ATMs running Microsoft's Windows XP operating system that records sensitive card details, according to security vendor Trustwave.

The malware has been found on ATMs in Eastern European countries, according to a Trustwave report.

The malware records the magnetic stripe information on the back of a card as well as the PIN (Personal Identification Number), which would potentially allow criminals to clone the card in order to withdraw cash.

The collected card data, which is encrypted using the DES (Data Encryption Standard) algorithm, can be printed out by the ATM's receipt printer, Trustwave wrote.

The malware is controlled via a GUI that is displayed when a so-called "trigger card" is inserted into the machine by a criminal. The trigger card causes a small window to appear that gives its controller 10 seconds to pick one of 10 command options using the ATM's keypad.

"The malware contains advanced management functionality allowing the attacker to fully control the compromised ATM through a customized user interface built into the malware," Trustwave wrote.

A criminal can then view the number of transactions, print card data, reboot the machine and even uninstall the malware. Another menu option appears to allow the ejection of an ATM's cash cassette.

Trustwave has collected multiple versions of the malware. The company believes that the particular one it analyzed is "a relatively early version of the malware and that subsequent versions have seen significant additions to its functionality."

The company advised banks to scan their ATMs to see if they're infected.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: e-Security, Microsoft
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: ATM, fraud, security
Latest Blog Posts
Whitepapers
  • Implementing Energy Efficient Data Centres
    Electrical power usage is not a typical design criterion for data centers, nor is it effectively managed as an expense. This is true despite the fact that the electrical power costs over the life of a data center may exceed the costs of the electrical power system including the UPS, and also may exceed the cost of the IT equipment. Read on.
    Learn more »
  • IBM agility@scale™: Become as Agile as You Can Be
    In this eBook, Scott Ambler, IBM Rational software's Chief Methodologist for Agile and Lean discusses how IT organisations are finding that agile project teams, as compared to traditional project teams, enjoy higher success rates, deliver higher quality projects, have greater levels of stakeholder satisfaction, provide better return on investment (ROI) and deliver systems to market sooner.
    Learn more »
  • Enterprise Buyers Guide for Cloud Storage
    Customer interest in public cloud storage is increasing, driven by the promise of affordable, elastic storage for archiving, backup/recovery, and disaster purposes. To understand the types of offerings available and to assist buyers with purchasing decisions Computerworld has prepared a public cloud storage buyers guide.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments