Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Skimer, a Malware for ATMs, Resurfaces with Far Greater Danger

Cyber-criminals have upgraded an ATM malicious program uncovered in 2009 which's currently posing a far greater threat.

The malware, called Skimer, is an unprecedented threat to attack automatic teller machines. Now after 7-yrs, cyber-crooks from Russia have again started employing it, with both the criminals as well as the malware evolving so they become a still more potent danger inflicting on banks and accountholders worldwide.

An expert team from Kaspersky Lab found traces of a refined edition of Skimer left inactive on an affected bank's teller machine. The inactive malware would get about its task only when the cyber-crook dispatched it one regulated missive. This way the criminals hid their tracks.

Effectively, once installed, Skimer examines whether NTFS or FAT32 file system exists. Incase of FAT32, the malware would plant one malevolent .exe document within C:\Windows\System32 directory, however, incase of NTFS, it would mention the executable within data-stream of NTFS matching with a Microsoft service called 'Extension for Financial Services.'

The method most probably relates with making it hard for forensic analysts, Kaspersky's researchers blogged.

Now, when Skimer finishes interpreting the records, it'll carry out its controller's command alternatively ask for commands via one particular menu that the cash withdrawing plastic card activates. Thus Skimer gets activated. In fact 21 separate instructions are activated, including scanning the debit card's information, self-dispensing of cash, and others. Finextra.com posted this, May 18, 2016.

Further, during card information collection, Skimer uses PINs and dumps to save the info on the debit card's minuscule chip alternatively print the info on receipts of the ATM.

The cyber-attackers may as well hijack ATMs if they are linked with the inside network of the bank alternatively via utilization of captured support credentials in the remote.

Kaspersky suggests banking institutions to implement powerful anti-virus software on their ATMs, apply password to safeguard their ATMs' BIOS, and quarantine ATMs from various infection causes by keeping them tied to the internal networks alone.

Moreover, banks could proactively scan their processing machines to find those card numbers that forcibly became accountable for the ATMs' infection, block the efforts for activating Skimer, or detect money-mules.

» SPAMfighter News - 5/23/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page