International criminal group behind ATM malware attacks dismantled

 
Bob Forsyth – Technology Advancement adds to Threat Landscape In his latest blog for Infologue Bob Forsyth, Chief Executive Officer at Kings Security reflects on the recent drone incidents at UK airports and what can be learned from it Read on »
Bobby Logue of Interconnective Ltd Infologue.com Top 30 UK Companies in the Regulated Security Sector 2018 The Infologue.com Top 30 mirrors the regulated private security sector Read on »
Carl Palmer – Choose your Company Values Carefully In his latest blog for infologue Carl Palmer, Exec Chairman at CIS Security writes on the subject of the importance of meaningful values for People in Security, and why. Read on »
Wednesday, 20 February 2019

International criminal group behind ATM malware attacks dismantled

Europol

The Romanian National Police and the Directorate for Investigating Organised Crimes and Terrorism (DIICOT), assisted by Europol and Eurojust as well as a number of European Law Enforcement authorities, disrupted an international criminal group responsible for ATM malware attacks. This operation, one of the first in Europe against this kind of threat, resulted in multiple house searches in Romania and the Republic of Moldova and the final arrest of 8 individuals. The criminals used Tyupkin ATM malware which allowed the attackers to manipulate ATMs across Europe and illegally empty ATM cash cassettes.

The criminal group, composed of Romanian and Moldovan nationals, was involved in large scale ATM “Jackpotting”, causing substantial losses across Europe to the ATM industry. ATM “Jackpotting” refers to the use of a Trojan horse, physically launched via an executable file in order to target an ATM, thus allowing the attackers to empty the ATM cash cassettes via direct manipulation, using the ATM PIN pad to submit commands to the Trojan.

Europol’s European Cybercrime Centre (EC3) supported police forces across Europe in their efforts to identify the suspects by hosting a number of international operational meetings and analysing intelligence. This joint international effort follows on a previous successful action against the threat posed by this type of malware.

Wil van Gemert, Europol’s Deputy Director Operations, commented: “Over the last few years we have seen a major increase in ATM attacks using malicious software. The sophisticated cybercrime aspect of these cases illustrates how offenders are constantly identifying new ways to evolve their methodologies to commit crimes. To match these new technologically savvy criminals, it is essential, as it was done in this case, that law enforcement agencies cooperate with their counterparts via Europol to share information and collaborate on transnational investigations”.

Europol’s European Cybercrime Centre (EC3) recognises the severity of the threat presented by ATM logical and malware attacks and has prepared security guidelines regarding this new cyber threat to ATMs. The production of this document has been coordinated by EAST (European ATM Security Team), and is the first of its kind. The guidance and recommendations regarding logical attacks on ATMs, which also covers malware attacks, is an excellent example of a co-ordinated central response from both Law Enforcement and the industry to fighting ATM malware threats in an effort to respond much more quickly and effectively.

Europol Website


Leave a Reply

Your email address will not be published. Required fields are marked *

*

Interconnective Security Products