Some malware slows down your PC. Other malware steals all the money from your local bank.
Today, we’re talking about the latter kind of malware. A group of European criminals recently rooted dozens of ATMs, giving themselves free access to the cash within.
Kaspersky and Interpol released a joint statement earlier this week describing the new ATM-targeting malware. That malware is called Tyupkin.
5 things you need to know about the Tyupkin ATM security problem:
5) More than 50 ATMs in Eastern Europe and Ukraine have been infected
So far, the problem is concentrated in Eastern Europe and Ukraine. Sure, ATMs in the United States have been hacked in the past, but this problem doesn’t appear to have any chance of making its way to the western world.
Nevertheless, certain instances of the malware have been discovered in America, China, and France.
4) It gives criminals total access to the ATM
Criminals can use Tyupkin to allow “low-level thieves, known as money mules” access to the machines at certain times of the day. These thieves use an intermittently changing code much like the six-digit tokens used in the financial industry for security. After entering that code, criminals have total access to the ATM.
3) The malware doesn’t target consumers’ bank accounts
Here’s the good news about this security hack: it’s not being used to target individual bank accounts. In fact, hackers can’t see any of that information from the ATM. All they can see is the amount of cash in each “tube” of the ATM before picking a tube and withdrawing up to 40 bills at a time.
2) Hackers need physical access to the ATM
Fortunately for banks in other parts of the world, this isn’t some universal ATM flaw that can be accessed by hackers in Russia in seconds. Instead, hackers require physical access to the machine in order to install a unique type of malware.
1) It’s surprisingly sophisticated
Up above, I talked about how “money mules” are the people who draw the money out of the ATMs. These money mules have one job: collect money from the ATM.
Why don’t the money mules just circumvent the boss and draw out as much money as they want on their own?
Well, they can’t. This sophisticated malware generates a unique key for each session. Only the boss knows that key. The boss relays the key to the money mule by phone, granting them access to the ATM for one brief session.
Ultimately, this scam will likely stay in Eastern Europe and Ukraine. However, it’s feasible to target any ATM that offers easy street access. But until this malware goes “airborne” and can infect ATMs over the air, it’s unlikely to cause any real danger.