A formidable piece of malware called “EU ATM Malware” is currently rampant in Europe, compromising nearly 60% of ATMs. This sophisticated malicious software, offered as malware-as-a-service, threatens the security of banks and their users, and could spread to other Western countries.
This is not a bug, such as the one that allowed students to withdraw more than $40 million. This recently discovered, extremely well-crafted malware specifically targets ATMs in Europe. It has alarmed banking authorities, and according to estimates by cybersecurity experts at the National Cyber Security Center (NCSC), it has already managed to infiltrate nearly 60% of the continent’s ATM fleet. Its success rate is said to be around 99%, making it a danger of unprecedented magnitude for the European banking sector.
Developed by experienced cybercriminals, this malware uses advanced techniques to hack ATMs, including those manufactured by companies as reputable as Diebold, Hyosung or Hitachi. Once an ATM is compromised, hackers can empty its banknote reserves and pocket up to $30,000 per infected machine. Although ATMs are no longer popular with the French, those who are still used to withdrawing cash from them will have to change their habits.
A revolutionary malware-as-a-service system
EU ATM Malware is not just any malware. What sets it apart is a genuine business model. It operates on a monthly subscription basis, allowing any cybercriminal to “rent” this powerful hacking tool for a recurring fee. The hackers also offer a 3-day test option with limited access, as well as an initial commission supplemented by a percentage of the profits from successful “jackpottings”.
This new malware-as-a-service system is increasingly widespread in the underbelly of the dark web, proof of its effectiveness and “success”. It democratizes access to high-performance malware, previously reserved for elite groups, by making it available to as many people as possible under a familiar economic model. The security implications are extremely concerning.
EU ATM Malware also uses jackpotting, a technique which consists of completely emptying the banknote reserves present in a compromised ATM. This is a particularly devastating physical attack, which can cause enormous financial losses for the targeted banks and institutions.
Security Tips for the EU ATM Malware Threat
Given fears that this malware will spread to other European countries and around the world, users should exercise the greatest caution and take precautionary measures. Stay aware of your surroundings and of any surveillance devices (cameras, etc.) installed near ATMs if you need to withdraw cash.
Where possible, favor cashless payments, by contactless bank card or by mobile payment. These solutions limit the risk of encountering an ATM potentially compromised by EU ATM Malware.
Banks and financial institutions are also called upon to drastically strengthen their IT security, surveillance and intervention measures to counter this new kind of threat. Software updates, ATM system integrity checks and increased staff vigilance are all avenues to explore. At the time of writing, we do not know whether the French CB network, which manages 50,000 ATMs, is affected by this malware or whether it will affect French ATMs during the Paris 2024 Olympic Games.
Sources: Daily Dark Web, Cybersecurity Insiders, Bank cards