[ISN] ATM malware lets criminals steal data and cash

From: InfoSec News <alerts_at_private>
Date: Fri, 5 Jun 2009 04:05:30 -0500 (CDT)

By Elinor Mills
June 4, 2009

Malware has been found on ATMs in Eastern Europe and elsewhere that 
allows criminals to steal account data and PINs and even empty the 
machine of its cash, a computer forensics expert said.

About 20 ATMs have been compromised in that manner, mostly in Russia and 
the Ukraine, but there are "early indications" of compromised ATMs in 
the U.S., said Nicholas Percoco, vice president and head of SpiderLabs 
at Trustwave, which provides data security and payment card compliance 

Percoco said he could not elaborate further on where the compromised 
ATMs were located and how they were used.

Someone had to manually install the malware on the machines, so it's 
likely that an insider is responsible; either an employee at the bank, 
the ATM vendor, a company that services the machines or someone close to 
an insider, Percoco said in a telephone interview late on Wednesday.


Visit the InfoSec News security bookstore!
Received on Fri Jun 05 2009 - 02:05:30 PDT

This archive was generated by hypermail 2.2.0 : Fri Jun 05 2009 - 02:27:32 PDT