Hackers using ATM malware have struck in Eastern Europe, tricking more than 50 cash machines to give them millions of dollars, and experts believe the suspects could hit the United States soon.
Vicente Diaz, principle security researcher at Kaspersky Lab's Global Research and Analysis Team, told
The Guardian that the attacks from the malware, called Tyupkin, were sophisticated and effective.
"It's a very well organized operation," Diaz told the Guardian, adding that the hacking required a lot of planning because the attacks needed to happen at specific times of the day.
Kaspersky revealed on the
Securelist blog that it discovered the malware recently while performing a forensic investigation of a cyber-attack on the Eastern Europe machines, finding that the ATM cassettes were emptied by "direct manipulation."
"The malware uses several sneaky techniques to avoid detection," Kaspersky Lab said on the blog, adding that hackers also install the malware via a bootable CD. "It also uses a key based on a random seed for every session. Without this key, nobody can interact with the infected ATM."
"When the key is entered correctly, the malware displays information on how much money is available in every cassette and allows an attacker with physical access to the ATM to withdraw 40 notes from the selected cassette," Kaspersky Lab said.
According to its analysis, Kaspersky Lab said, the malware could also affect machines not only in the United States, but also India, Russia, China, Israel, France and Malaysia.
The Daily Mail reported that Interpol is involved a wide-ranging investigation and is working with countries in Latin America, Europe and Asia in an effort to hunt down the hackers who are using the malware.
"Offenders are constantly identifying new ways to evolve their methodologies to commit crimes, and it is essential that we keep law enforcement in our member countries involved and informed about current trends and modus operandi," Sanjay Virmani, director of the Interpol Digital Crime Centre, told the Daily Mail.
Kaspersky has recommended that banks check on the physical security of their ATMs and network infrastructure to fight the new malware, according to the Daily Mail.
Related Stories: