Russian ATMs catch new virus

March 20, 2017 RBTH
Virus bypasses security software forcing ATMs to dispatch only large notes.
ATM
The virus does not have a file body, so it is not recognized by antivirus programs. Source: Natalia Seliverstova/RIA Novosti

Russia’s ATMs are being targeted by a new virus that has so far remained undetected by antivirus software, meaning it can exist in cash points indefinitely, according to the Kommersant daily.

The newspaper said it was notified by the Center for Monitoring and Responding to Computer Attacks in the Credit and Financial Sphere (FinCert) about the new type of hacking attack. The virus in question does not target the customer’s actual bank account, only the money inside the cash machine. When a certain code is entered into an infected ATM it releases all large denomination banknotes.

The virus does not have a file body, so it is not recognized by antivirus programs. It can therefore exist in the operating memory of an ATM for an unlimited time. It is the first time such a virus has been detected in Russia although similar cyber-attacks have been reported in other countries.

So far, no simple and effective way to combat the virus has been found. According to Kommersant's sources, the virus can be removed from the operating memory during a reboot, but this is a lengthy process. Therefore, for the time being, bankers can only insure their ATMs against theft.

+
Like us on Facebook