ATM skimming is a serious threat to consumers all over the world, as criminals look to defraud customers and financial institutions alike. A new malware strain, called Skimer, turns an entire ATM into a skimming device without additional hardware requirements.
Skimer ATM Malware Makes A Return
This is not the first time Skimer ATM malware has made the rounds, as it was discovered back in 2009. In fact, it was the first malicious piece of software to openly attack ATMs around the world, allowing criminals to bypass physical skimming and withdraw cash from the machines as well as steal payment card information.
Kaspersky Labs issued a warning on this revised version of Skimer, which still follows the same modus operandi as it did years ago. The security firm spotted the malware on a bank cash machine not too long ago, and experts have found evidence that it was planted there in a dormant state. The developers decided to activate the malware at a later date and use one of two dozen different commands.
One of the biggest challenges for criminals is to ensure devices are infected with Skimer in the first place, as they need to obtain physical access to the devices themselves. A hacking attempt on the bank’s internal infrastructure is an alternative solution to deploy the malware in the system, where it can sit unnoticed for an extended period.
What this nasty type of malware does is infect the core of the ATM responsible for interacting with the banking infrastructure, credit cards, and cash processing. As a result of this modus operandi, entire bank ATMs are turned into skimmers on the software side of things, and no longer require assailants to install deep insert skimmers or similar devices.
Criminals can obtain all sorts of information through the Skimer malware, including sensitive payment card information, bank account numbers, and PIN codes. Moreover, they also gain access to the entire cash processing unit, which allows them to virtually clean out the whole cash supply without much resistance.
So far, Kaspersky Labs has noticed that skimming the card details is the most favourable approach for criminals, as making a direct withdrawal immediately draws attention to a malicious attack. After installing Skimer, the thieves can activate this malware by inserting a plastic card with certain records on the magnetic strip. This allows the malware to execute hardcoded commands or request commands from its creators.