Security researchers from company Doctor Web they discovered a new one Trojan designed to steal information from ATMs. The threat was named “Trojan.Skimer.18” and is very interesting because it targets devices developed by one of the largest ATM manufacturers in the world.
Malicious software comes as a file DLL which is loaded into operating system targeted machines.
Once it infects an ATM, Trojan.Skimer.18 creates a log file. Then, when someone uses the ATM, it reads and stores them data όπως τον αριθμό της πιστωτικής κάρτας, την date λήξης και η τιμή επαλήθευσης της κάρτας (CVV). Είναι επίσης ικανό να καταγράψει τον κωδικό PIN. Όλες οι πληροφορίες που συλλέγονται αποθηκεύονται στο αρχείο καταγραφής.
ATM manufacturers have designed the machines in such a way that the PIN entry is encrypted. For more security, the encryption key is updated regularly. However, Trojan.Skimer.18 is able to bypass protection mechanisms, and decrypt PINs.