• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Ripper

An Elaborate ATM Threat Crops Up: Network-based ATM Malware Attacks

  • Posted on:September 26, 2017 at 5:00 am
  • Posted in:Malware
  • Author:
    Trend Micro Forward-Looking Threat Research Team
0

Infecting automated teller machines (ATMs) with malware is nothing new. It’s concerning, yes. But new? Not really. We’ve been seeing physical attacks against ATMs since 2009. By physical, we mean opening the target machine’s casing, accessing the motherboard and connecting USB drives or CD-ROMs in order to infect the operating system. Once infected, the ATM is at the attackers’ mercy, which normally means that they are able to empty the money cassettes and walk away with fully loaded wallets. In 2016, we released a joint paper with Europol’s European Cybercrime Centre (EC3) that discussed the shift from physical to digital means of emptying an ATM and described the different ATM malware families that had been seen in the wild by then.

What has happened since? On top of many more malware families entering the landscape – something that was expected in these cases – there is one new development we forecast that unfortunately has come to pass: Attackers have started infecting ATMs with malware through the network. Five distinct incidents of network-based ATM malware attacks have already been reported in the media, and we believe this to be significant because it shows how cybercriminals have had ATMs firmly in their crosshairs.

Read More
Tags: ATM malwareATM networkRipper

Untangling the Ripper ATM Malware

  • Posted on:September 19, 2016 at 12:01 am
  • Posted in:Malware
  • Author:
    Numaan Huq (Senior Threat Researcher)
0

Last August , security researchers released a blog discussing a new ATM malware family called Ripper which they believe was involved in the recent ATM attacks in Thailand. Large numbers of ATMs were also temporarily shut down as a precautionary measure.

During our analysis we noticed some additional details that where not called out, or which appear to contradict this earlier analysis. We highlight these differences in this blog post. We have also included technical indicators such as code offsets where possible for other researchers to follow on from our work.

Read More
Tags: ATM malwareRipper

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.