Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


If you can read this message, please contact us immediately at the following email address:

We'd like to communicate.


(1) Please swing by our "HELP CENTER" to view our forum rules prior to posting or commenting.
(2) Acknowledge that by commenting or posting, you take full responsibility for the content and message of the information you put forth, which does not necessarily reflect the opinions of this website.
(3) If you ever need assistance, simply contact one of the staff or send us an email and we'll be glad to help.

Russian ATMs Spit Out Cash After Malware Attack

Russian ATMs Spit Out Cash After Malware Attack

Tyler Durdens picture
Mar 20, 2017 9:20 AM

Russian daily Kommersant reports that the Bank of Russia detected malware that hides inside ATM’s operating memory which "forces" them to dispense cash to anyone who enters certain code on its keyboard. The paper cites the deputy head of information security Artem Sychev, and adds that cash machines made by NCR were among the ATMs mostly attacked.

Kommersant also writes that according to sources who received the Bank of Russia FinCert newsletter with a description of the virus, the virus in question is the so-called "Disembodied" or Bespalova virus that “lives” in ATM RAM. According to FinCert, the ATM virus was first noticed in Russia for the first time. Since the virus does not have a file body, it can not be removed by anti-virus programs and can live in infected ATM indefinitely, according to sources.

“The virus is aimed at stealing funds directly from the bank teller machine, and is activated after a specific code is punched in, at which point it gives all the cash from the first cassette dispenser, which holds most large bills (denominations of 1 thousand or 5 thousand RUB). The funds will be dispesned to anyone who puts in the proper code, but to most ordinary people it is difficult to pick up, and any attempts to figure it out may trigger the suspicion of the security services of the Bank” – said the source publication.

Sources in banks said that he was shocked by the device’s largest manufacturer of ATMs — NCR. However, Komersant notes that any ATM can be the target.

“The identified vulnerability is not specific to a particular manufacturer, since all the ATMs are running on Windows” said a sources.

Kommersant reports that the bank has not yet found a solution to removing the new virus, and adds that banks can only raise the overall level of security of their networks.

"We are shaped by our thoughts; we become what we think. When the mind is pure, joy follows like a shadow that never leaves."


Sign In or Register to comment.