A new strain of malware is targeting ATMs in Europe, capable of extracting up to $30,000 (28,000 euros) and being highly effective in 99 percent of cases. The profitability of attacking ATMs is due to the ability to access “live” money. Malicious programs and devices designed for this purpose can be found on the dark web, according to Kaspersky researchers.
Researchers at Kaspersky have identified a new strain of malware based on the XFS standard. This malware provides an API that allows different internal modules of ATMs to be managed independently of the manufacturer. Tools have been developed over the years to test the vulnerability of ATMs to cash withdrawals, with these tools proving effective in targeting ATMs running Windows XP regardless of type. By exploiting vulnerabilities in the XFS standard, attackers can automate cash dispensing with only physical action required.
The new strain of malware targeting European ATMs is 99 percent effective in Europe and up to 60 percent effective in other countries. This suggests that it was specifically created for devices in Europe and indicates involvement from well-prepared developers in its creation and distribution.
