Before now, hackers exploit hardware and software vulnerabilities to hack ATMs before they can force them to spit out cash, but now anyone can simply buy a malware to steal millions in cash from ATMs.
Researchers at Kaspersky Lab have discovered an underground hacking forum where anybody can simply do this i.e buy ready-made ATM malware toolkit for around $5000 after spotting a forum post advertising the malware, dubbed Cutlet Maker.
The advertisement of this Cutlet Maker ATM malware toolkit was initially published on the AlphaBay Darknet marketplace, but was recently taken down by the FBI.
According to the malware toolkit brief description and detailed manual on the forum post, the ATM malware toolkit is designed to target various ATMs models with the help of a vendor API, without interacting with ATM users and their data.
What this simply means is that, this ATM malware toolkit does not affect bank customers directly, instead, it is intended to trick the bank ATMs from a specific vendor to release cash without authorisation.
Tyupkin an infamous ATM malware which Kaspersky Lab first analysed in 2014 and used by an international cybercrime gang to conduct Jackpotting attack and make Millions by infecting ATMs across Europe and beyond was also mentioned in the manual.
List of crimewares contained in the ATM malware toolkit
— Cutlet Maker: ATM malware which is the primary element of the toolkit
— Stimulator: An application to gather cash cassette statuses of a targeted ATM
— c0decalc: A simple terminal-based application to generate a password for the malware.
Read Also: How to spy and read someone else’s Whatsapp conversations directly on your phone without them knowing
According to Kaspersky researchers, the functionality of the Cutlet Maker malware suggests that two people are supposed to be involved in the ATM money theft—the roles are called “drop” and “drop master.”
“Access to the dispense mechanism of CUTLET MAKER is password protected. Though there could be just one person with the c0decalc application needed to generate a password,” the researchers say.
“Either network or physical access to an ATM is required to enter the code in the application text area and also to interact with the user interface.”
In order to operate, the application needs a special library, which is part of a proprietary ATM API and controls the cash dispenser unit, this shows how cyber “criminals are using legitimate proprietary libraries and a small piece of code to dispense money from an ATM.”
As at the time of Kaspersky’s research, the price of this ATM malware toolkit was $5000.
Hope you love this update on “How To Activate MTN, Glo, Airtel And 9Mobile 100% Double Data Bonus” if so, kindly give the post a like👍, share the post to your Social circles, bookmark our page if you haven’t done so and also like our Facebook page as well.👍👌