A look at the ATM/PoS malware landscape from 2017-2019
#1
Bug 
Quote:
[Image: sl_atmmalware_01-en-atm-malw-act.png]

From remote administration and jackpotting, to malware sold on the Darknet, attacks against ATMs have a long and storied history.  And, much like other areas of cybercrime, attackers only refine and grow their skillset for infecting ATM systems from year-to-year. So what does the ATM landscape look like as of 2020? Let’s take a look.

The world of ATM/PoS malware

ATM attacks aren’t new, and that’s not surprising. After all, what is one of the primary motives driving cyber criminals? Money. And ATMs are cash hubs—one successful attack can net you hundreds of thousands of dollars. In the past, even high-profile threat actors have made ATMs their prime target.

However, attacking ATMs is a bit different from traditional financial-related threats, like phishing emails or spoofed websites. That’s because ATMs operate in a unique space in the tech world: they’re still connected to the corporate networks but at the same time must be accessible to anyone that passes by. The resulting technical differences means the attack methods differ from those used for traditional endpoints.

ATMs also share several common characteristics that make them particularly vulnerable to attacks:
  • Traditional software that is part of the warranty offered by the vendors → If major changes occur that are not approved by the ATM vendor, including installing AV software, then sometimes this warranty is lost.
  • Regular use of outdated operating systems and the apps its runs on
  • Locations chosen in a way that provide access to as many customers as possible, including those in remote regions → These isolated locations often lack any reasonable physical security
Old software means unpatched vulnerabilities—ones criminals can exploit—and isolated areas makes it easier for criminals to gain physical access to the internal ports of the motherboard. This is especially typical for the old ATM machines located in many regions with low resources and no budgets for ATM upgrades.  When combined, ATMs become not only a highly profitable target—but an easy one.

From 2017 to 2019, there has been a marked increase in ATM attacks, due to a few families being particularly active. These target systems around the globe, regardless of the vendor, and have one of two goals: either stealing customers’ information or funneling funds directly from the bank.

Considering all of the above, we decided to delve further into what has been happening in the world of ATM/PoS malware for the last few years.

ATM/oOS malware attacks: by the numbers
 
To gain a closer look at ATM malware worldwide, we utilized the statistics processed by Kaspersky Security Network (KSN) over the course of the past three years globally.

The results showed that the number of unique devices protected by Kaspersky that encountered ATM/PoS (point-of-sale) malware at least once experienced a two-digit growth in 2018—and this number held steady, even increasing slightly, in 2019.
...
Continue Reading
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AMD CES 2025 NEWS
AMD fires back at Ra...harlan4096 — 12:39
Microsoft Edge 131.0.2903.146
Version 131.0.2903...harlan4096 — 12:37
Random YouTube Vidoes
Have we lost interne...Kool — 10:50
XYplorer
What's new in 26.7...Kool — 10:27
Intel unveils new Laminar RH2/RM2 CPU co...
Intel has new coole...harlan4096 — 07:58

[-]
Birthdays
Today's Birthdays
avatar (43)tabthinLem
Upcoming Birthdays
avatar (49)theoldevext
avatar (44)algratCep
avatar (49)Qlaude2Sap
avatar (50)Josepharelf
avatar (39)kholukrefar
avatar (48)Lauraimike
avatar (50)WilsonWag
avatar (48)StevenPiole
avatar (39)zetssToomy
avatar (46)GornOr
avatar (49)Jamesmog
avatar (37)opeqyrav
avatar (37)ivanoFloom
avatar (40)uxegihor

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>