Short overview of year’s key events, analysis of forecasts for 2019 and our predictions about cyberthreats to financial institutions in 2020 Read Full Article
Hello! My name is Dtrack
When we first discovered ATMDtrack, we thought we were just looking at another ATM malware family. Now we can add another family to the Lazarus group’s arsenal: ATMDtrack and Dtrack. Read Full Article
Criminals, ATMs and a cup of coffee
In spring 2019, we discovered a new ATM malware sample written in Java that was uploaded to a multiscanner service from Mexico and later from Colombia. After a brief analysis, it became clear that the malware, which we call ATMJaDi, can cash out ATMs. Read Full Article
Financial Cyberthreats in 2018
The presented report continues the series of Kaspersky Lab reports that provide an overview of how the financial threat landscape has evolved over the years. It covers the common phishing threats that users encounter, along with Windows-based and Android-based financial malware. Read Full Article
ATM robber WinPot: a slot machine instead of cutlets
In March 2018, we came across a fairly simple but effective piece of malware named WinPot. It was created to make ATMs by a popular ATM vendor to automatically dispense all cash from their most valuable cassettes. We called it ATMPot. Read Full Article
Goodfellas, the Brazilian carding scene is after you
From the early beginnings, using skimmers on ATMs, compromising point of sales systems, or even modifying the hardware of processing devices, Latin America has been a fertile ground for collecting credit and debit cards en masse. Read Full Article
Kaspersky Security Bulletin: Review of the Year 2017
The end of the year is a good time to take stock of the main cyberthreat incidents that took place over the preceding 12 months or so. To reflect on the impact these events had on organizations and individuals, and consider what they could mean for the overall evolution of the threat landscape. Read Full Article
ATM malware is being sold on Darknet market
In May 2017, Kaspersky Lab researchers discovered a forum post advertising ATM malware that was targeting specific vendor ATMs. The forum contained a short description of a crimeware kit designed to empty ATMs with the help of a vendor specific API, without interacting with ATM users and their data. The price of the kit was 5000 USD at the time of research. Read Full Article
ATMii: a small but effective ATM robber
While some criminals blow up ATMs to steal cash, others use less destructive methods, such as infecting the ATM with malware and then stealing the money. We have written about this phenomenon extensively in the past and today we can add another family of malware to the list – Backdoor.Win32.ATMii. Read Full Article
ATMitch: remote administration of ATMs
In February 2017, we published research on fileless attacks against enterprise networks. This second paper is about the methods and techniques that were used by the attackers in the second stage of their attacks against financial organizations – basically enabling remote administration of ATMs. Read Full Article