Malware blamed for ATM thefts in Mexico and Ukraine


  • Nation
  • Wednesday, 01 Oct 2014

PETALING JAYA: At least two malicious computer programs or malware that target automated teller machines (ATMs) have been detected since last year, with one of them blamed for a string of ATM thefts in Mexico and the Ukraine.

Malaysian police have not revealed the malware they suspect was used by thieves to infect 18 ATM machines nationwide over the past three days, resulting in the loss of more than RM3mil.

The explanation by police on how the thieves took control of the machines suggests that either malware program may have been used.

The first, Backdoor.Ploutus was detected on Sept 4 last year, while the second, Backdoor.Padpin, was discovered on May 9, according to antivirus firm Symantec’s threat listing website (www.symantec.com/security_response/landing/azlisting.jsp).

Both are trojan programs, a type of malware that secretly carries out certain actions in the infected computer when activated.

Police said the thieves inserted a CD-ROM into each of the machines and launched the “ulssm.exe” file which infects the ATM.

They then entered a code using the ATM’s keypad that enabled them to withdraw the cash from the machine.

Backdoor.Padpin creates the “ulssm.exe” file in the infected ATM as one of the steps to take control of the machine.

Backdoor.Ploutus allows an attacker to control an ATM using a mobile phone connected to the machine.


Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 7
Cxense type: free
User access status: 3

Courts & Crime , atm hacking

   

Across The Star Online


Air Pollutant Index

Highest API Readings

    Select State and Location to view the latest API reading

    Source: Department of Environment, Malaysia