EU ATM malware attacks ATMs in Europe: for your security, choose contactless card or mobile payments

A formidable malware called “EU ATM Malware” is currently rampant in Europe, compromising nearly 60% of ATMs. This malicious software, a sophisticated malware-as-a-service, threatens banking security and that of users, and could spread to other Western countries.

This is not a bug, such as the one that allowed students to withdraw more than $40 million. Having recently appeared, this extremely well-crafted malware specifically targets ATMs in Europe. It panics banking authorities, and according to estimates by cybersecurity experts at the National Cyber ​​Security Center (NCSC), this malware has already managed to infiltrate nearly 60% of the continent’s ATM fleet. Its success rate is said to be around 99%, making it a danger of unprecedented magnitude for the European banking sector.

Developed by experienced cybercriminals, this malware uses advanced techniques to hack ATMs, including those manufactured by companies as reputable as Diebold, Hyosung or Hitachi. Once an ATM is compromised, hackers can empty its banknote reserves and pocket up to $30,000 per infected machine. Although ATMs are no longer popular with the French, those who are still used to withdrawing cash from counters will have to change their habits.

A revolutionary malware-as-a-service system

EU ATM malware is not just any malware. It is distinguished by a true economic model. It operates on the basis of a monthly subscription system allowing any cybercriminal to “rent” this powerful hacking tool for a recurring fee. The hackers also offer a 3-day test option for limited access as well as an initial commission supplemented by a percentage of the profits from successful “jackpottings”.

This new malware-as-a-service system is increasingly widespread in the underbelly of the dark web, proof of its effectiveness and “success”. It democratizes access to high-performance malware, previously reserved for elite groups, by making it available to as many people as possible under a familiar economic model. The security implications are extremely concerning.

EU ATM Malware also uses jackpotting, a technique which consists of completely emptying the banknote reserves present in a compromised ATM. This is a particularly devastating physical attack, which can cause enormous financial losses for the targeted banks and institutions.

Security Tips for the EU ATM Malware Threat

Fearing the spread of this malware to other European countries and around the world, it is up to users to exercise the greatest caution and take precautionary measures. Stay aware of your surroundings and any surveillance devices (cameras, etc.) installed near the counters if you need to withdraw cash.

Where possible, favor dematerialized payments, by contactless bank card or by mobile payment. These solutions limit the risks of being confronted with an ATM potentially compromised by EU ATM malware.

Banks and financial institutions are also called upon to drastically strengthen their IT security, surveillance and intervention measures to counter this new kind of threat. Software updates, ATM system integrity checks and increased staff vigilance are all avenues to explore. At the time of writing, we do not know whether the French CB network, which manages 50,000 ATMs, is affected by this malware or whether it will affect French ATMs during the Paris 2024 Olympic Games.

Sources: Daily Dark Web, Cybersecurity Insiders, Bank cards