Malware On ATMs Allowing Criminals To Steal Data and Cash
Monday, June 8, 2009 at 8:12AM
Keith Erwood in ATM, ATM security, ATMs compromised, Computer Security, Malware, computer security, system security

Approximately 20 ATMs have been found in Europe that have malware on them allowing thieves to steal cash as well as acount data and PINS from account holders.

The ATMs are located mostly in Russia and the Ukraine however their seems to be indications that the Unites States may have compromised ATMS as well.

Since the malware needs to be directly installed onto the ATM an insider is suspected but whether that insider works at a bank, an ATM vendor, a company that services the machines or someone close to an insider is unknown at this time.

The discovery was made by SpiderLabs at Trustwave.

The ATMs were running the Windows XP Operating System and had an executable on them that was masquerading as a legitimate Windows protected storage service, he said. The malware looks at all the data being processed by the ATM and records account information that is stored on the magnetic stripes on cards inserted into the machine and encrypted PIN blocks that are generated when someone types in their personal identification number.

Even though PINs are encrypted, the criminals could potentially intercept the encryption keys exchanged with the bank and use them to decrypt the PINs or even use other methods to decrypt the keys once they have the information.

For more on this story please refer to the reference below.

Article originally appeared on Disaster Preparedness Blog - Emergency Preparedness Tips, Business Continuity and Disaster Recovery Emergency Management (http://disasterpreparednessblog.com/).
See website for complete article licensing information.