Submitted by Micah Smith on Mon, 01/15/2018 - 13:19
Daylight Robbery at the A.T.M

With multifaceted and overlapping malware, ransomware, spyware and botnets, cyber criminals have to tirelessly toil away, negotiating the price of malware with other online thieves - it's a tough new world. 

So, it's nice to have some good old-fashioned bank robbers in the news, once in a while.

Stealing from banks used to hold celebrity status within the world of outlaws because, apart from requiring complete immorality, it requires daring and fearlessness. Beyond the status, the primary attraction for potential crooks was, and remains, the huge sums of cash you can swipe in one break-in. This was, of course, until cybercrime came along.

The modern-day cybercriminal not only doesn’t have to rob a bank for those big lump sums, he doesn’t need to leave his sofa. Of course, conversations have shifted to stealing cyber currency from online repositories and ICOs (initial coin offerings).

But at the core of every hacker lies the primordial bank robber. Why, you ask? Let's look at the ATM hacking malware discovered recently on an online marketplace site.

This dangerous malware, dubbed Cutlet Maker, can help hackers steal millions of dollars. The toolkit is designed to target various ATM models using a vendor API, so hackers never have to interact with bank customers or touch their data.

An infamous piece of malware called Tyupkin, which helped carry out the jackpotting attacks of 2014 and 2015, was discovered in the code. One of the perpetrators behind this malware code escaped from prison a year ago and is still on the run.

Now it seems that the malware originally used has been upgraded, renamed to GreenDispenser and is currently being used to target ATMs across Mexico.

The malware uses a special library that contains a proprietary ATM API and controls the cash dispenser unit.

How do they have access to that?

In contrast to the old Western movies, only 2 people need to be involved in a modern-day cyber bank heist. One person needs to work the codes and hack into the network, while the other accesses the ATM and withdraws the money.

It is highly likely that the hackers were using USB drives to infect the ATM device first and then steal the money. Nobody knows for certain, since they could do this in broad daylight. All they needed to do was spend a few extra minutes at the A.T.M, which basically means anyone who was ever in front of me at the A.T.M.

Hackers have been patiently waiting in the shadows, stealing sensitive information for years, until they could combine it all together to create this snazzy little product. It’s quite simple: just an ATM API and a dash of code and, Bob's your uncle, you have a present-day bank robbery.

The price of the malware stood at $5000 at the time of its discovery by Kaspersky Lab on AlphaBay, the most successful online black market until it was recently busted by the FBI.

This raises the famous debate about enhanced security in the form of biometrics. Fingerprints and other biosecurity measures could be the key to preventing further robberies that affect both the consumer and the bank equipment.

Or it could become another tool in the hacker’s arsenal to gain access to sensitive information. Either way, there is little doubt that this code will resurface and be sold to hackers around the globe, hopefully nowhere near your local A.T.M.