Latest posts by Alvin Bryan (see all)
- Millionaire Tyupkin Malware ATM Hackers May Come to US, India After Hitting Europe - October 23, 2014
- BitLicense Will Allow Bitcoin Spying in New York - October 22, 2014
- Australians are Fighting Data Retention Laws - October 22, 2014
Tyupkin malware has been installed by hackers on ATMs all over the world. Europe got hit first, making millions for the hackers behind the attack. Now, Internet security firm Kaspersky and Interpol caution that the US and India may be the next targets.
Tyupkin Malware Was an Organized Attack
The Tyupkin malware attack was very well orchestrated when it hit Eastern Europe. Over 50 ATMs running the Windows operating system were infected. The hackers used a bootable CD and a malware kit. Other members of the group would then visit the infected ATMs to enter a code. The code would allow them to withdraw cash at specific times on Sunday and Monday nights. They were able to get as many as 40 notes from each machine. The malware and the key would work only once after it was activated, so the group had only a small window in which to operate. This meant that other people could not take advantage of the malware.
Kaspersky began observing the spread of Tyupkin malware in January this year. They were alerted to the scheme when a certain bank asked for their assistance. Vicente Diaz of Kaspersky Lab did not consider the attacks to be as sophisticated as some other ATM attacks. But the Tyupkin malware attack was very effective in part because of its smooth execution. The South America attack using Ploutus malware this year was executed by cleverly sending a text message to the ATMs. But the physical installation of the Tyupkin malware was more expertly accomplished. The Tyupkin malware hackers have made much more with their scheme.
Tyupkin Malware Targets Banks Because of Inadequate Security
Banks have been warned many times by security experts that they need to upgrade their security systems. ATMs are especially vulnerable because their operating system weaknesses are rarely given adequate attention. Kaspersky says that the hackers behind Tyupkin malware have worked on developing it in recent months. It can now evade detection by security software Solidcore from McAfee. Banks in the US and India have been warned that their ATMs are probably already infected with Tyupkin malware. The UK, however, is still safe, the company said. Nevertheless, banks everywhere need to take action to secure their machines from Tyupkin malware and many other attacks that they are vulnerable to.