A new report has detailed how cyber criminals are increasingly targeting ATMs in Thailand and around the world.
The report reveals that rather than try to attack an individual ATM, criminals are instead trying expose software bugs in order to “walk away with fully loaded wallets”.
This is made possible due to the majority of ATMs in Thailand and around the world running on outdated operating systems and software.
Trend Micro claims there are “hundreds and thousands” of ATMs still running Windows XP, which Microsoft no longer protects against security threats, bugs and other vulnerabilities.
“A majority of ATMs installed worldwide still run either Windows XP or Windows XP Embedded. Some of the older ATMs run Windows NT, Windows CE, or Windows 2000. Microsoft,” the report added
The report titled “Cashing in on ATM malware”, which has been released by Europol and security firm Trend Micro, reveals how criminals no longer need physical access to an ATM in order to hijack cash.
The report detailed another method used by criminals which involves them targeting the corporate networks of banks rather carrying out more traditional heists.
The report says the “the cat is out of the bag” and warns that criminals no longer need physical access to a ATM in order to infiltrate it.
Criminals are now able to access the networks of banks by carrying out carefully targeted phishing campaigns which if successful can give them complete access to customer’s accounts.
The report details how criminals were able to steal 12 million Baht from 25 ATMs belonging to Thailand’s Government Savings Bank (GSB).
The criminals, believed to be from eastern Europe, used a sophisticated form of malware dubbed Ripper, which gained access to the bank’s network via an email phishing campaign.
Once it had infiltrated the network the malware was able to spew out 40,000 baht at a time from the compromised ATM which was collected by people on the ground working with the hackers.
The identity of the criminals who carried out the attack on GSB have not been caught and their identities remain unknown.
“ATM malware attacks in various parts of the world continue to make headlines and cause significant costs to the financial industry,” said Martin Roesler from Trend Micro.
“We can gather that the use of ATM malware is becoming more commonplace, with cybercriminals constantly improving their attack methods in hopes of remaining undetected and unapprehended.
“This poses a growing problem to financial institutions,” he added.