Scammers go to any length to cheat an ATM out of its cash. But hacking an ATM is getting shockingly easy these days.
Security firm Kaspersky Labs has found a flaw in cash machines that allows criminals to quickly steal money by entering a series of digits on the keypad.
Millions of dollars have been stolen already
The malware called ‘Backdoor.MSIL.Tyupkin’ has affected at least 50 ATMs, allowing hackers to withdraw hundreds of dollars without needing a debit or credit card.
The malware can only be installed if the hacker has direct access to an ATM
Prior to stealing money, targeted machines are infected with installing malicious software using the ATM’s CD drive. To do this, criminals need physical access to the ATMs.
Modus Operandi
Once the ATM is infected with Malware, the criminals enter a special code into the keypad that reveals the amount of money in the machine. A second pin-code is then used to dispense the cash by unlocking the machine. The machine will issue cash to anyone who knows the correct code.
The malware is smart enough to avoid detection
This clever malware conceals itself and becomes active at a very specific time at night. The pin code is randomly generated by an algorithm at a remote location. Without this code, nobody can interact with the infected ATM or only the person responsible for infecting the ATM can steal the money.