Malware that targets ATMs isn’t a new concept. After all, ATMs use internal computers that can be hacked like any workstation. The prime difference is that ATMs dispense cash, which has to be picked up in person but is then untraceable. A new type of ATM malware, GreenDispenser, is active in Mexico and is doubtless spreading to other countries.
GreenDispenser forces the ATM to display an error message claiming that the machine is out of service, but hackers bypass this error by plugging in a predetermined hard-coded PIN. Interestingly, GreenDispenser also uses two-factor authentication. After the PIN is entered, the ATM displays a QR code. The criminals scan this code with a smartphone to generate a second PIN, which ultimately gives them control over the cash dispenser. Hackers can then uninstall the malware to cover their tracks.
GreenDispenser isn’t the only malware that targets ATMs. Meet Ploutus, which allows criminals to steal money from ATMs by sending commands through the PIN pad or a keyboard. Later versions even allow hackers to send a text message to the ATM. While this ATM malware also originated in Mexico, Ploutus’s English localizations suggest that it was designed for use in other countries.
Other ATM malware programs include Tyupkin, which was used to infect ATMs in Eastern Europe, and Suceful, which locks cards inside the machines and releases them upon a command. The good news is that this type of malware usually requires physical access to the ATM in order to work.
It’s suggested that the increase in ATM hacking attacks is occurring because the new chip-enabled cards are making card-skimming fraud more difficult, another reason that hackers are targeting ATMs is that many still run on the antiquated Windows XP OS.
In the case of GreenDispenser, the victim is the bank or owner of the ATM. But as a user, you should be aware. If it’s obvious that there are security cameras on the ATM, there’s a smaller chance it’s been tampered with.
Upgrading your operating system helps to keep your protections up to date. Contact Quikteks today at (973)-882-4644 to find out all there is to know about upgrading your older Windows software, and ask us about security best practices that can keep your identity and personal information safe.