Last threat spotted in the wild is the Rufus malware, it is a Chinese malicious code that could be used to compromise ATMs. Indian authorities have observed numerous cyber attacks leveraging this threat. Reports of cyber heists come from West Bengal, Gujarat, Odisha, and Bihar.
The Rufus malware could be used to hack only ATMs running outdated software, all the ATMs targeted by crooks were found to be still using the old versions of Windows XP.
According to The Dailymail, the first attack was reported in Odisha city, the police are working with cyber experts to identify cyber criminals.
The crooks use to target unguarded ATMs nighttime, they infect the system with a pen drive that is inserted into the USB port. Once the malware has infected the ATM, it would restart the system interrupting the connection with the service provider’s servers.
The Rufus malware generates a code after it infected the system, the code is then sent back to the crooks that convert it into a password. Every time the password is entered, the ATM releases the money.
“The malware when used on an ATM generates a code, which the crooks send to their gang members, who convert the code to a password, and as soon the password is applied the ATM dispenses cash,'” reported The DailyMail.
“The officer said banks would not immediately learn about the crime as crooks bypass the server and the hackers swiftly walk away without raising an alarm.”
Of course, such kind of attack is the result of the lack of adequate security measures for ATMs, it is expected that the Indian Government will force ATM manufacturers to upgrade the system running on their machines.
“The government and RBI should make ATM manufacturers compulsorily install new and robust operating systems,” said Mumbai-based cyber lawyer and expert Prashant Mali.
“‘If the government plans to increase the number of ATMs, then it should ensure that they are available whenever needed.”
ATM vendors denied the existence of any security loopholes or other vulnerabilities exploited by cyber criminals.
The Reserve Bank of India is working closely with National Payment Corporation of India to instruct the banks on how to enhance their security.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.