The Connection, Inc Blog

The Connection, Inc has been serving the New Jersey area since 1992, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

The Coding For Your ATM Shouldn’t Be as Dirty as Its Cash

b2ap3_thumbnail_atm_malware_threats_400.jpgMalware that targets ATMs isn’t a new concept. After all, ATMs use internal computers that can be hacked just the same as any old workstation. The prime difference is that hacking into an ATM allows for a direct dispensing of cash, rather than some crafty behind-the-scenes action. A new type of ATM malware, titled GreenDispenser, is a cause for concern in Mexico, and could spread to other countries if left unchecked.

As mentioned, there are other types of malware that target ATMs almost exclusively, including a backdoor called Ploutus. Just like GreenDispenser, Ploutus originated in Mexico, and allowed criminals to steal money from ATMs by sending commands through the PIN pad or through a keyboard. Later versions allowed hackers to send a text message to the ATM to distribute cash. While this ATM malware originated in Mexico, it’s suggested by Ploutus’s English localization that it was designed for use in other countries.

Other types of ATM malware include Tyupkin, which was used to infect ATMs in Eastern Europe, as well as another called Suceful, which was designed to lock cards inside the machines and release them upon a command. Thankfully, the common trend with these types of malware appears to be that they almost exclusively require physical access to the ATM in order to exploit. It’s suggested that the increase in ATM hacking attacks is occurring due to the adoption of chip-enabled cards by the everyday user.

GreenDispenser forces the ATM to display an error message claiming that the machine is out of service, but in actuality, hackers can bypass this error by plugging in a predetermined PIN that’s been hard-coded into the malware. GreenDispenser also has some other quirks that distinguish it from the ATM malware systems. As explained by ComputerWorld:

Interestingly, GreenDispenser uses some type of two-factor authentication. After the hard-coded PIN is entered, the ATM will display a QR code, which the criminals probably scan with a mobile application in order to obtain a second, dynamically generated PIN. The second PIN unlocks an interaction menu on the ATM that gives attackers control over the cash dispenser. Another option on the menu allows criminals to uninstall the malware in a way that securely wipes it and makes it hard for forensics teams to later recover it.

While this increase in ATM hacking is thought to stem from an increase in card encryption technology (making it significantly more difficult to steal information through card skimming), another main reason that hackers are targeting ATMs is because many still run on the antiquated Windows XP operating system. This just goes to show that not upgrading away from old operating systems can have dire consequences.

In the case of GreenDispenser, there’s not much for you to do to protect yourself. The victim is the bank or owner of the ATM. But if you do use an ATM, it doesn’t hurt to be aware of security risks. Check to see if the ATM is under surveillance. If it’s pretty obvious that there are security cameras on the ATM, or it’s under regular supervision, there’s a smaller chance it’s been tampered with.

With the release of Windows 10 still fairly recent, your organization doesn’t need to deal with old operating systems anymore. Contact The Connection, Inc today at (732) 291-5938 to find out all there is to know about upgrading away from your older Windows models, and ask us about security best practices that can keep your identity and personal information safe while utilizing online services.

Tip of the Week: 2 Easy Ways to Compare Edits Made...
How Much Is Your Identity Worth on the Black Marke...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Monday, 23 December 2024

Captcha Image

Blog Archive

Mobile? Grab this Article

QR Code

Free Consultation

team work

Interested in seeing what we can do for your business? Contact us to see how we can help you!

Sign Up Today!

News & Updates

The Connection, Inc. Celebrates 32 Years as a Trusted Technology Provider!   Since our founding in 1992, technology and the way we operate and do business has changed a lot. Companies that have adapted and aligned themselves with ...

Contact us

Learn more about what The Connection, Inc can do for your business.

The Connection, Inc
51 Village CT
Hazlet, New Jersey 07730