Tuesday, March 17, 2009

Trojan malware for ATM machines?

Jesus, Mary, and Joseph - next you'll find malware in your underwear drawer:

Security researchers from Sophos have discovered sophisticated malware that siphons payment card information out of automatic teller machines made by Diebold and possibly other manufacturers.

Sophos researcher Vanja Svajcer found three samples after combing through VirusTotal and a similar online database earlier this month. If installed, all three trojans contained functions that allowed them to log information recorded by an ATM's magnetic card reader.


Both Svajcer and Zacheroff stressed the trojan could only be installed by someone who had physical access to an ATM, since the devices, obviously, don't have floppy drives and typically run only on private isolated networks. That means the malware could most likely be installed only with help of an insider or in the event passwords weren't managed properly.

Note that ATMs manufactured by Wincor Nixdorf have software designed to thwart this sort of malware. It is possible that a knowledgeable attacker could disable this software, but you'd need more than your typical ATM repairman.

No comments: