Last August , security researchers released a blog discussing a new ATM malware family called Ripper which they believe was involved in the recent ATM attacks in Thailand. Large numbers of ATMs were also temporarily shut down as a precautionary measure.
During our analysis we noticed some additional details that where not called out, or which appear to contradict this earlier analysis. We highlight these differences in this blog post. We have also included technical indicators such as code offsets where possible for other researchers to follow on from our work.Read More