Malware targets Windows-based ATMs

Posted on Sunday, March 22 2009 @ 14:02 CET by Thomas De Maesschalck

Antivirus firm Sophos reports they've found a new type of malware that goes after Windows-based ATMs from Diebold:

The code for the software uses undocumented features to create a virtual 'skimmer' which is capable of recording card details and personal identification numbers without the user's knowledge, which suggests that the creator had access to the source code for the ATM. While this doesn't directly point to an inside job, the possibility certainly can't be ruled out.

Sophos believes that the code was intended to be pre-installed by an insider at the factory, and would hold transaction details until a special card was entered into the machine – at which point a nice list of card numbers, PINs, and balances would be printed out for the ne'er-do-well to peruse at his leisure. It's also possible that the malware could be installed by someone with access to the ATM's internal workings – such as the person who refills the supply of money each day.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments

Share this story!