Recently, the researchers of the well-known security firm, Kaspersky Lab exposed that a dangerous malware that allows anyone to empty ATMs is on sale. The program, as mentioned, is sold by providing a brief description, a detailed manual of its operation and a set of tools specially designed to target specific vendor models.
This Dangerous Malware Allows Anyone To Empty ATMs—And It’s On Sale!
Although usually exploiting vulnerabilities in the software or hardware requires some expertise, there are devices that facilitate such processes. One of them is a malware called “Cutlet Maker”, which is distributed in forums of the network, to steal ATMs.
The alert was exposed by Kaspersky Lab researchers, after detecting publications that commercialized the software ready to be used. The program, as mentioned, is sold by providing a brief description, a detailed manual of its operation and a set of tools specially designed to target specific vendor models.
Malware does not directly affect bank customers but it is intended to trick ATMs into releasing their content without authorization. Among the tools mentioned is Tyupkin, a software that became popular in 2014 (mainly in Europe) after affecting the operation of the cashiers whose operation depended on Windows, and was central to the subsequent jackpotting attacks.
Although ATMs, or ATM (Automated Teller Machine), have particular electronic subsystems, they are still controlled by computers and operating systems behind. The toolkit includes: Cutlet Maker, the malware in question, main in the suite; Stimulator, an application to collect cashier states; and c0decalc, a terminal for generating passwords.
According to Kaspersky researchers, the modus operandi suggests that two people perform the process, in roles called “drop” and “drop master”. The price of the toolkit was listed USD $5,000 at the time of the investigation.
So, what do you think about this? Simply share your views and thoughts in the comment section below.
