Wednesday, September 24, 2014

ALERT: ATM Reader Malware New Focus

Security Researchers at SLC Security Services LLC have been actively monitoring a new potential issue with ATM machines in the US and abroad. We have been contacted by several clients that have complained of blue screen issues with ATM machines over the past few weeks.Upon examination of the operating system logs we are noticing that the machines are blue screening during the read operation of the inserted ATM cards.

One client in particular has seen 4 different ATM locations affected and has had to restart several ATM machines over the past few weeks. Upon examining the ATM machines we have determined that the attack vector is a particular type of overflow in the card reader system. Conventional Anti-Virus software does NOT detect the infection. We have noted that pre-paid credit cards are being used to perform this attempted hack of the ATM machines and the information that is embedded on the magnetic strip is actually binary and attempts to perform some sort of injection of code into the card reader themselves. None of the attempts at our client organization have been successful but this should be a warning that hackers are attempting to attack these machines via the card reader.

We are monitoring the situation for the organization and will post information after law enforcement has concluded their individual investigations.


No comments:

Post a Comment