In 2009, a malicious one appeared software που ονομάζεται “Skimer.” Το Skimer είναι ουσιαστικά ένα malware που δίνει στον hacker πλήρη πρόσβαση σε ένα ΑΤΜ, χωρίς να χρειάζεται να εγκαταστήσει οποιοδήποτε φυσικό υλικό, όπως έναν αντιγραφέα καρτών. Σύμφωνα με μια νέα έρευνα της Kaspersky Lab, το κακόβουλο λογισμικό έχει γίνει πολύ πιο ισχυρό.
Kaspersky discovered the latest version of Skimer this month after investigating illegal withdrawals at a bank. While the bank failed to discover any evidence of what he had received attack, the security firm found that a new version of Skimer had been used. The new version was so improved that it made it harder to detect. In addition, the malware allowed hackers to take full control of each ATM.
Hackers begin by installing a file called Backdoor.Win32.Skimer. The malware hidden in the ATM code stays on hold until the hacker runs it by inserting a specific card.
Kaspersky explains what happens next:
Skimer's graphical interface appears on the screen only after the card has been exported and if the hacker inserts the correct pin key.
With the help of one menu displayed, the hacker can run 21 different commands, such as dispensing money (40 accounts at a time), collecting data from cards inserted into the ATM, self-deleting malware, updating malware (from the updated malware code embedded in the card's chip), etc.
Also, when collecting bank card data, Skimer stores the data and PIN in the chip card of the hacker card.
Traditionally, skimmers are simple devices that can intercept a transaction. ATMs can record your credit card numbers, and with the help of additional technology, such as cameras or keyboard overlays, they can also pin their PINs. If you know where to look, you can see if the ATM has been hacked, although hackers are becoming increasingly sophisticated.
Skimer, on the other hand, is a bit more complicated. It can access ATMs either through physicsaccess, such as a traditional card copier, or through the bank's internal network. Kaspersky warns that ATMs infected with skimmers are not easily distinguishable and difficult to detect:
In the majority of cases, criminals choose to wait for data collection to make copies of cards later. With these copies go to a different, uninfected ATM and withdraw money from customers' accounts. In this way, criminals can ensure that infected ATMs will not be discovered soon.
But let's see Skimer in action: