Kaspersky Lab researchers discovered a new and improved version of the ATM malware dubbed “Skimmer” which targets banks and turns entire ATM machines into payment card skimmers.
The malware is installed either through directly accessing the machine or via the bank's internal network. It is capable of executing 21 malicious commands, including dispensing money, collecting and then printing the payment card and account details, and self delete, according to a May 17 Kaspersky press release.The company did not know how many machines are impacted.
Rather than acting immediately, the cybergang responsible for the malware will often leave the Skimmer active on the machine for months before accessing the data so as to not arouse suspicion, the release said.
The malware is obscured using the commercially available Themida packer which makes it difficult for security staffers to analyze, Kaspersky researchers Olga Kochetova and Alexey Osipov said in a May 17 blog post.
