Sunday, October 12, 2014

Tyupkin Malware Hacking ATM Machines Worldwide

Money is always a strong motivation for cyber criminals, who have long relied on tricks such as card skimmers to steal debit card numbers from users. Now criminals are using specialized malware that targets ATM (Automated Teller Machine) systems to withdraw cash without even needing a card.

The new backdoor program, dubbed “Tyupkin,” requires physical access to an ATM running a 32-bit Windows platform; the attackers boot the machine from a CD in order to install the malware. According to the researchers, the threat has continued to evolve in recent months, infecting ATMs in Asia, Europe, and Latin America.
There are no details about the criminal gang behind the attacks, but it has already stolen "millions of dollars" from ATMs worldwide using the sophisticated malware, security firm Kaspersky and Interpol, which are working together in an attempt to foil the gang, said in a joint statement released on Tuesday.
"Over the last few years, we have observed a major upswing in ATM attacks using skimming devices and malicious software," said Vicente Diaz, principal security researcher at Kaspersky Lab.

"Now we are seeing the natural evolution of this threat with cybercriminals moving up the chain and targeting financial institutions directly. This is done by infecting ATMs themselves or launching direct Advanced Persistent Threat (APT)-style attacks against banks. The Tyupkin malware is an example of the attackers taking advantage of weaknesses in the ATM infrastructure."
HOW TYUPKIN ATTACK WORKS
In order to install the malicious backdoor, money mules need to physically insert a bootable CD which installs the malware.

Once the machine is rebooted, the ATM is under the control of the criminal gang. The sophisticated malware then runs in the background in an infinite loop, awaiting a command from the attacker’s side. However, the malware will only accept commands at specific times – in this case on Sunday and Monday nights – making it harder to detect.

Furthermore, a unique combination key based on random numbers is generated – so that the possibility of a member of the public accidentally entering a code can be avoided. This key code needs to be entered before the main menu is shown.
"The malicious operator receives instructions by phone from another member of the gang who knows the algorithm and is able to generate a session key based on the number shown," Kaspersky stated in its release. "This ensures that the mules collecting the cash do not try to go it alone."
When this session key is entered correctly, the ATM displays how much money is available in each cash cassette and the number of available banknotes, inviting the operator to choose which cassette to steal from. The ATM dispenses a maximum of 40 banknotes at a time from the chosen cassette.
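
The behaviour described above (a boot from CD, activity limited to Sunday and Monday nights, cardless dispenses of up to 40 notes) gives defenders several signals to correlate. The following is an added detection sketch, not code from Kaspersky or from the original post; the journal line format, the field names and the 20:00 to 06:00 definition of "night" are assumptions.

```python
from datetime import datetime

# Constructed sample journal; the line format and field names are hypothetical.
SAMPLE_LOG = """\
2014-10-03 14:02:11 DISPENSE card=present notes=10
2014-10-05 23:12:40 REBOOT source=cdrom
2014-10-05 23:41:07 DISPENSE card=absent notes=40
2014-10-06 22:05:19 DISPENSE card=present notes=4
2014-10-07 02:15:00 DISPENSE card=absent notes=5
"""

MAX_NOTES = 40                  # per-dispense maximum reported in the article
NIGHT_START, NIGHT_END = 20, 6  # assumed meaning of "night": 20:00 to 06:00

def parse(line):
    date, time, event, *pairs = line.split()
    ts = datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S")
    return ts, event, dict(p.split("=", 1) for p in pairs)

def in_window(ts):
    """True for Sunday or Monday night, including the early hours after it."""
    if ts.hour >= NIGHT_START:
        return ts.weekday() in (6, 0)   # Sunday or Monday evening
    if ts.hour < NIGHT_END:
        return ts.weekday() in (0, 1)   # Monday or Tuesday before dawn
    return False

def triage(log_text):
    """Return (timestamp, reasons) for each event worth an analyst's attention."""
    findings, media_boot = [], False
    for line in filter(str.strip, log_text.splitlines()):
        ts, event, kv = parse(line)
        if event == "REBOOT" and kv.get("source") != "disk":
            media_boot = True
            findings.append((ts, ["boot from " + kv.get("source", "unknown")]))
        elif event == "DISPENSE" and kv.get("card") == "absent":
            reasons = ["cardless dispense"]
            if in_window(ts):
                reasons.append("Sunday/Monday night")
            if int(kv.get("notes", 0)) >= MAX_NOTES:
                reasons.append("40-note maximum")
            if media_boot:
                reasons.append("after removable-media boot")
            findings.append((ts, reasons))
    return findings

if __name__ == "__main__":
    for ts, reasons in triage(SAMPLE_LOG):
        print(ts, "; ".join(reasons))
```

The Tuesday 02:15 entry is flagged as part of Monday night, which is the edge case a simple weekday check would miss.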

COUNTRIES AFFECTED BY TYUPKIN
During the investigation, the researchers found the malware on more than 50 ATMs at banking institutions throughout Eastern Europe, and most of the Tyupkin submissions came from Russia. The malware appears to have since spread to the United States, India, China, Israel, France and Malaysia.
The scam has even been caught on video, as many of the ATMs have cameras, so you can also have a look at the video provided below. Kaspersky has informed law enforcement about the issue and has also alerted banks and the financial sector to the steps needed to prevent this type of attack.
