ATMs (automated teller machines) are everywhere and we all use them regularly. That has always made them a target for bad guys -- a card reader can steal all sorts of information. But in the wake of events like the Target and Home Depot breaches things have risen to a new level. So high, in fact, that security company Kaspersky and law enforcement organization INTERPOL have issued a warning.
It seems that ATMs are pouring out money to criminals who are not even using any sort of credit or debit card. While this isn't a problem for any particular individual, it is a major one for the banks, which makes it everyone's worry.
This is apparently a global problem, which explains the involvement by INTERPOL. It all stems from a recent investigation conducted by Kaspersky.
"Kaspersky Lab’s experts performed a forensic investigation into cyber-criminal attacks targeting multiple ATMs around the world. During the course of this investigation, the company’s researchers discovered a piece of malware infecting ATMs that allowed attackers to empty the cash machines via direct manipulation, stealing millions of dollars", the security company states.
The malware results from the bad guys being able to physically access the machines and insert a CD that contains the malware, which is dubbed Tyupkin. The ATM is then rebooted and under the control of the attacker.
"To make the scam harder to spot, Tyupkin malware only accepts commands at specific times on Sunday and Monday nights. During those hours the attackers are able to steal money from the infected machine", Kaspersky points out.
With the machine under control, the criminal can enter a unique digital code which can be used the make the withdrawal, and the code changes with each session. The code comes via a mobile phone from the person in control of the malware and is capable of generating the PIN. In other words, this is being done by gangs, not individual attackers.
The scam has been caught on video, as many ATMs have cameras. Kaspersky has turned this over to law enforcement and also alerted banks of the steps needed to prevent this type of attack.