New WinPot malware found draining ATMs by leveraging interface akin to slot machine

According to Kaspersky Lab, one fresh family of malicious programs dubbed WinPot has been found leveraging an interface akin to one slot machine as it drains ATMs located in financial companies.

The security company first noticed WinPot during March 2018. Researchers at Kaspersky Lab from their analysis noticed that WinPot creators had crafted the malware's interface in a way it would appear similar to one slot machine. For that, the malware owners made one "SPIN" button, which would drain out the cash-out-cassette which stays inside a contaminated ATM machine, at the time it's clicked.

WinPot group of malicious programs sported certain technical versions, thus observed Kaspersky researchers. Indeed, WinPot looks like an altered form of itself having gained the inspiration from Cutlet Maker one well-known ATM malware of 2016. Cutlet Maker as well exhibited thorough information regarding its victimized ATMs' contents, albeit instead of the slot appearance, the malware utilized certain picture of one hackneyed chef who winked while gestured "OK" with his hand.

Senior threat researcher Numaan Huq with Trend Micro Research says just a while past, the WinPot and Cutlet Maker malware programs have made their attack tool become monetarily viable following its sale for some little sum of money. The Trend Micro research team joined Europol during 2016 in analyzing ATM hacks more comprehensively. Consequently according to Huq, the final team expects that there will be many more groups attacking ATM devices given the rather cheap attack tool available. www.wired.com posted this, February 20, 2019.

WinPot is available on the grey area of Web for just around $1,000, researchers found. The given price meanwhile, makes WinPot a little less expensive than Cutlet Maker, the ATM malware, which Kaspersky Lab discovered going on sale on secret illegal online markets during October 2017.

ATM malware can be prevented from attacking financial institutions if the latter disallows use of USB a common medium for contaminating the PCs of ATMs. The IT sections should then expand such a regulation for all IT units, notably cell-phones and other mobile devices. Simultaneously, white-lists should be enforced specifying the software names solely allowed for running on ATMs.

» SPAMfighter News - 2/25/2019