Cyber criminals are using a new form of ‘invisible’ malware to attack banks around the world.
Attacks have already been carried out on 140 banks and financial institutions across the globe, where hackers have been able to steal passwords and financial data.
The attacks occur when cyber criminals target the computers that operate automatic teller machines.
The malware is able to lay undetected within the memory of a bank’s computer system where it collects passwords of system admins which it feeds back to a server controlled by the hackers. The passwords are then used to remotely control the computer system of the bank.
Kaspersky Labs who discovered the malware said in a blog post they have no idea who is behind it.
“The use of open source exploit code, common Windows utilities and unknown domains makes it almost impossible to determine the group responsible – or even whether it is a single group or several groups sharing the same tools”, Kaspersky said.
“What’s interesting here is that these attacks are ongoing globally against banks themselves,” Kurt Baumgartner from Kaspersky Lab told Ars Technica.
He went on to say that people behind the attacks are “pushing money out of the banks from within the banks,” by targeting computers that run automatic teller machines”.
“The banks have not been adequately prepared in many cases to deal with this”, he added
Kaspersky says the malware has been used in attacks against 140 banks, governments and telecoms companies in 40 different countries.
While the US has been hit hardest by the malware, with a total of 21 attacks, the UK, France, Kenya and Ecuador are the other nations most affected.
There have been no reports of the malware being used against banks in Thailand, but Kaspersky says incidents have been reported in neighbouring Cambodia, as well as in Vietnam and Indonesia.