Physical Security is Part of Cyber Security
By Adli Wahid on 11 Nov 2014
Some of you may have read about a piece of malicious software (malware) called Tyupkin being used for illegally withdrawing funds from ATMs (Automated Teller Machines). If you haven’t, then have a look at the Kaspersky Lab and the Interpol article.
The timing of the article seemed to coincide well with reports from authorities in Malaysia about criminals using malware to withdraw a lot of money from 18 ATMs around the country.
Malware on devices other than stock PCs or laptops is definitely interesting to discuss. While there is a lot of discussion about the malware itself, for example its ‘payload’ (what it does) or how it works, it is also important to understand how it gets installed on the ATM in the first place. Your typical malware-of-the-day relies a lot on exploiting client-side vulnerabilities (that is, drive-by downloads) or authentication weaknesses in Internet-facing services. But what about ATMs? How do they get infected to begin with?