Cybercriminals refine data-sniffing software for ATM fraud
Cybercriminals are improving a malicious software program that can be installed on ATMs running Microsoft's Windows XP operating system that records sensitive card details, according to security vendor Trustwave.
The malware has been found on ATMs in Eastern European countries, according to a Trustwave report.
The malware records the magnetic stripe information on the back of a card as well as the PIN (Personal Identification Number), which would potentially allow criminals to clone the card in order to withdraw cash.
The collected card data, which is encrypted using the DES (Data Encryption Standard) algorithm, can be printed out by the ATM's receipt printer, Trustwave wrote.
The malware is controlled via a GUI that is displayed when a so-called "trigger card" is inserted into the machine by a criminal. The trigger card causes a small window to appear that gives its controller 10 seconds to pick one of 10 command options using the ATM's keypad.
"The malware contains advanced management functionality allowing the attacker to fully control the compromised ATM through a customized user interface built into the malware," Trustwave wrote.
A criminal can then view the number of transactions, print card data, reboot the machine and even uninstall the malware. Another menu option appears to allow the ejection of an ATM's cash cassette.
Trustwave has collected multiple versions of the malware. The company believes that the particular one it analyzed is "a relatively early version of the malware and that subsequent versions have seen significant additions to its functionality."
The company advised banks to scan their ATMs to see if they're infected.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
xp
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
