TweakTown

Cybercriminals compromise ATMs to spit out cash by sending SMS message

Symantec warns of sophisticated malware that allows cybercriminals to send a text message to compromised ATMs, then walk up and collect the money.

Published Mon, Mar 24 2014 7:18 PM CDT   |   Updated Tue, Jun 16 2020 4:29 PM CDT

As the Microsoft end of support for the aging Windows XP operating system quickly approaches, security researchers believe the banking industry faces a serious risk of compromised ATMs, according to Symantec.

Cybercriminals compromise ATMs to spit out cash by sending SMS message | TweakTown.com

The Backdoor.Ploutus.B malware variant, an upgraded version of sophisticated malware that proved effective in 2013, allows cybercriminals to force ATMs to dispense cash.

The criminals simply send an SMS to a compromised ATM, walk up, and collect the stolen cash - using a network packet monitor (NPM) and other tools to properly infect the ATM.

"As soon as the compromised ATM receives a valid TCP or UDP packet from the phone, the NPM will parse the packet and search for the number '5449610000583686' at a specific offset within the packet in order to process the whole package of data," said Daniel Regalado, Symantec security researcher, in a blog post. "Once that specific number is detected, the NPM will read the next 16 digits and use them to construct a command line to run Ploutus."

NEWS SOURCE:scmagazine.com

An experienced tech journalist and marketing specialist, Michael joins TweakTown looking to cover everything from consumer electronics to enterprise cloud technology. A former Staff Writer at DailyTech, Michael is now the West Coast News Editor and will contribute news stories on a daily basis. In addition to contributing here, Michael also runs his own tech blog, AlamedaTech.com, while he looks to remain busy in the tech world.

Related Tags

Newsletter Subscription

Latest News

View More News

Latest Reviews

View More Reviews

Latest Articles

View More Articles