ATM malware theft kit dissected

Kaspersky Labs has researched an ATM hacking kit, found for sale on the now-defunct AlphaBay darknet marketplace, that would allow a criminal to empty an ATM of cash.

Although the hacking kit in question was originally found in May, and was removed when AlphaBay was taken down in July, Kaspersky said similar kits using comparable processes can still be found selling for about $5,000, the same price the initial product cost. The online description for the theft kit describes in detail what one receives, along with specific instructions on how to carry out the attack. This includes a list of supplies, how to download the necessary software

Anyone attempting to steal money in this manner has to physically access the ATM, including using a drill to open up an access hatch so a USB drive containing the malware can be connected to the internal PC. Kaspersky notes that the good news is the criminal does not go after specific accounts, but after the bank itself, by simply draining the machine of money. The company also pointed out that defenses can be put in place, such as default-deny policies and device control: the former will stop unauthorized people from running code, and the latter would stop them from being able to successfully connect a flash drive.