• IP addresses are NOT logged in this forum so there's no point asking. Please note that this forum is full of homophobes, racists, lunatics, schizophrenics & absolute nut jobs with a smattering of geniuses, Chinese chauvinists, Moderate Muslims and last but not least a couple of "know-it-alls" constantly sprouting their dubious wisdom. If you believe that content generated by unsavory characters might cause you offense PLEASE LEAVE NOW! Sammyboy Admin and Staff are not responsible for your hurt feelings should you choose to read any of the content here.

    The OTHER forum is HERE so please stop asking.

Malware blamed for ATM thefts in Mexico and Ukraine

hokkien

Alfrescian (Inf)
Asset
The Star/Asia News NetworkWednesday, Oct 01, 2014
20141001_atmmys.jpg
Malware blamed for ATM thefts in Mexico and Ukraine
0 0 1
0
0
Print
PETALING JAYA, Malaysia - At least two malicious computer programs or malware that target automated teller machines (ATMs) have been detected since last year, with one of them blamed for a string of ATM thefts in Mexico and the Ukraine.
Malaysian police have not revealed the malware they suspect was used by thieves to infect 18 ATM machines nationwide over the past three days, resulting in the loss of more than RM3 million (S$1.1 billion).
The explanation by police on how the thieves took control of the machines suggests that either malware programme may have been used.
The first, Backdoor.Ploutus was detected on Sept 4 last year, while the second, Backdoor.Padpin, was discovered on May 9, according to antivirus firm Symantec's threat listing website; (www.symantec.com/security_response/landing/azlisting.jsp).
Both are trojan programs, a type of malware that secretly carries out certain actions in the infected computer when activated.
Police said the thieves inserted a CD-ROM into each of the machines and launched the "ulssm.exe" file which infects the ATM.
They then entered a code using the ATM's keypad that enabled them to withdraw the cash from the machine.
Backdoor.Padpin creates the "ulssm.exe" file in the infected ATM as one of the steps to take control of the machine.
Backdoor.Ploutus allows an attacker to control an ATM using a mobile phone connected to the machine.
- See more at: http://news.asiaone.com/news/crime/malware-blamed-atm-thefts-mexico-and-ukraine#sthash.byEufnen.dpuf
 
Top