Tuesday, November 12, 2024
HomeComputer SecurityMalicious Hackers Steal Money From ATM by Connecting Laptop with ATM Cash...

Malicious Hackers Steal Money From ATM by Connecting Laptop with ATM Cash Dispenser

Published on

Malware protection

The researchers discovered a dangerous black box attack tool called “KoffeyMaker” which is used by cybercriminals to steal money from ATM by connecting a laptop with the ATM machine cash dispenser.

An atm-based attack is discovered often around the world in the various form of operation by cybercriminals with sophisticated tools and they employing new tactics and techniques.

These incidents have been notified in European banks and they frequently reported in attacks since they were unclear how did this happen in their ATM.

- Advertisement - SIEM as a Service

After the detailed investigation was done by Kaspersky security research team confirmed that they were dealing with a black box attack.

Black box attack refers that cybercriminals opened the ATM and connect their laptop with the cash dispenser and simply leave the device inside.

This crime scene indicates that the “crime instrument” to be a laptop with ATM dispenser drivers and a patched KDIAG tool.

Later attacker gains the remote access through USB GPRS modem and they are using windows OS with XP, ME, or 7.

Cash out from ATM moments

Once everything goes well then cybercriminals returned to the ATM and pretending to normal ATM users in order to run the KDIAG tool by accomplished a remote connection with the laptop.

Later they provide an instructions to the dispenser to issue the cashout form ATM machine and they will retrieve the laptop on a later moment.

               ATM dispenser connected to a computer without the necessary drivers
According to Kaspersky, The whole operation could well be done solo, but the scheme whereby a “mule” handles the cash and ATM side, while a second “jackpotter” provides technical support for a share of the loot, is more common. 

Hardware encryption between ATM PC and its dispenser will be the better solution to prevent such attack but if it fails single ATM can spit out tens of thousands of dollars.

This attack is very similar to the earlier ATM based attack Cutlet Maker used by this new tool and Kaspersky Lab products detect as RiskTool.Win32.DIAGK.a and same tools used for various bank robbers.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

10 Best DNS Management Tools – 2025

Best DNS Management Tools play a crucial role in efficiently managing domain names and...

Sweet Security Announces Availability of its Cloud Native Detection & Response Platform on the AWS Marketplace

Customers can now easily integrate Sweet’s runtime detection and response platform into their AWS...

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Digital Wallets Bypassed To Allow Purchase With Stolen Cards

Digital wallets enable users to securely store their financial information on smart devices and...

Best SIEM Tools List For SOC Team – 2024

The Best SIEM tools for you will depend on your specific requirements, budget, and...

Europe’s Most Wanted Teenage Hacker Arrested

Julius “Zeekill” Kivimäki, once Europe's most wanted teenage hacker, has been arrested.Kivimäki, known for his involvement with the notorious Lizard Squad,...