A recent multination alert issued by Interpol suggests that an ATM-focused malware is currently in operation and stealing cash directly from ATMs. The Russian threat management system and secure content developer Kaspersky is the company responsible for unearthing this scam.
Tyupkin, as the research team at Kaspersky, calls the malware, allows people with criminal intent to withdraw cash without the need of inserting any bank card. For installation of the malware into the ATMs, however, criminals need to use a CD. Upon completion of the installation, cyber criminals need to enter two different set of digits on the cash machine’s keypad. That’s it; as soon as the digits are entered the ATM starts releasing cash.
According to the Kaspersky researchers, to elude detection, Tyupkin accepts commands only on specific times i.e. on Monday and Sunday nights. The researchers have further informed that the criminal needs to enter a random code every time he/she looks to get cash from the ATM; what this does is ensures that the cash don’t become accessible to individuals who are not connected to this scheme. For every new session, the key with a unique combination of digits is generated.
According to the findings presented by Kaspersky, once the key is entered the criminal gets instructions on his or her phone (the instructions are sent by another member of the malevolent group the criminal is representing). The individual sending the instructions is aware of the algorithm; he/she can, thus, generate session key based on the entered numbers. This procedure ensures that the person sent to collect the cash does not gulp it alone.
After entering all these credentials accurately, the ATM’s display will show the amount of cash available for withdrawal in cassette of the machine. The criminal will then be asked which cassette he or she wants to empty. The ATM will then dispense 40 banknotes from the selected cassette; in other words, this system allows withdrawing a maximum of 40 banknotes in a single attempt.
According to Kaspersky, so far Tyupkin has attacked ATMs in Asia, Latin America and Europe; to prevent further harm, Interpol has already offered investigative assistance to all these affected countries.
The Director of Interpol’s Digital Crime Centre Sanjay Virmani said that offenders are continuously coming up with fresh ways of evolving the techniques of committing crimes, which makes it extremely essential for Interpol to keep a close eye on the law enforcement in its member countries and ensure that it is well-informed about all current trends and mode of operations.
Nothing is still known about the kind of measures Interpol and Kaspersky is planning to take to prevent the malicious groups from taking away cash from ATMs; we’ll probably need to wait for some more time to gather information on that.