A global security firm called Proofpoint has picked up a shifty form of malware on its radar — malware that can steal money from an ATM faster than most bank robbers can manage to do in real-time.
Named GreenDispenser, the malware is activated through a boot-enabled CD-ROM drive; after that, GreenDispenser goes after middleware that is commonly implanted in most ATMs. Using a remote-like device (aka your average cell phone with texting capabilities), the malware user can then liquidate as much money as desired. The final "tada!?" The malware causes an "out of service" message to appear on the ATM screen, warding off potential ATM users and delaying the discovery time of the existence of GreenDispenser within the machine.
This particular malware isn't the first generation of its kind; former versions of GreenDispenser were a bit more rudimentary (for instance, GreenDispenser 1.0, as we'll call it, needed external hardware like a keyboard or even the PIN pad, which could leave some rife evidence, to work).
GreenDispenser has been primarily found in Mexican ATMs, but there is evidence that the use of the malware is spreading due to incarnations of the "out of service" screen messages written in English. In response to its lack of current containment, ProofPoint issued this statement:
"ATM malware continues to evolve, with the addition of stealthier features and the ability to target ATM hardware from multiple vendors. While current attacks have been limited to certain geographical regions such as Mexico, it is only a matter a time before these techniques are abused across the globe. We believe we are seeing the dawn of a new criminal industry targeting ATMs with only more to come. In order to stay ahead of attackers financial entities should reexamine existing legacy security layers and consider deploying modern security measures to thwart these threats."
Even though it's best to exercise caution when it comes to malware-related thievery, there is one catch that can benefit potential victims of this scheme — ATMs can only be infected by GreenDispenser with the help of someone who has direct access to the aforementioned money dispensaries.
Via: Digital Trends
Photo: William Grootonik | Flickr