ATMs in Malaysia target of hackers to spit out cash remotely

ATMs in Malaysia target of hackers to spit out cash remotely

Hackers use a malicious software to force ATMs to spit out cash remotely, before the money is collected by mules.

atm-machine-hack
PETALING JAYA:
Malaysia is among 14 countries where cyber criminals have remotely attacked cash machines this year using malicious software, forcing ATMs to spit out cash, according to Reuters quoting a Russian cyber security firm Group IB.

Aware of the attacks, ATM makers Diebold Nixdorf and NCR Corp said they have been working with customers to mitigate the threat.

This followed two ATM hacks in July in which US$2.5 million was stolen from Taiwan’s First Bank, and US$350,000 from Thailand’s Government Savings Bank, after hackers remotely infected their ATMs before forcing them to spit out cash, later collected by “money mules” from Eastern Europe.

Apart from Malaysia, Group IB said victims were located in Armenia, Belarus, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, the Netherlands, Poland, Romania, Russia, Spain and the United Kingdom.

Hackers have moved from stealing payment card numbers and online banking credentials to more lucrative hacks on bank networks, giving them access not only to ATM machines, but also to electronic payment networks, said the Reuters report.

Last February, Bangladesh’s central bank servers which controlled access to the SWIFT messaging system were compromised, resulting in the loss of more than US$81 million, one of the biggest digital heists on record.

Group IB said the attacks across Europe were done by a criminal group called Cobalt, named after after a security tool known as Cobalt Strike used to hack into bank computers, where emails were infected to take control of ATMs.

Stay current - Follow FMT on WhatsApp, Google news and Telegram

Subscribe to our newsletter and get news delivered to your mailbox.