How Hackers Steal From ATMs

ByInigo Monzon

Oct 09, 2014 03:08 AM EDT

Researchers from the private tech firm Kaspersky Lab revealed how hackers are able to steal money from automated teller machines (ATMs), BBC reported.

According to the researchers, who are based in Moscow, Russia, cyber criminals use a malware to gain access and manipulate the operations of the cash machines.

Based on their studies and investigations, the criminals insert a bootable CD inside the ATM to install the malware. Experts from the lab identified the malware as Tyupkin. Investigators confirmed that this is the software used in most ATM-heists in Asia, Latin America and Europe, according to My Broadband.

Once installed, the attackers reboot the system of the infected ATM.

At this point, the machine is now completely under the control of the criminals. But in order to withdraw the cash inside, they need to type in specific commands to activate the malware.

Since Tyupkin only accepts commands during specific hours on Sundays and Mondays, these are the days when hackers attack ATMs.

Once the malware has been activated, the criminals enter a unique combination of digits using the number pad of the machine. This will then prompt the ATM to display on its screen how much money is available in each of its cassette, which is the storage container for bank notes, Wall Street Journal reported.

From here, the criminals can choose which cassette to take money from.

After revealing how ATM criminals operate, researchers from the lab highly recommend banking institutions to improve the safety features of their machines.

For starters, since malicious operators need to physically access the machines in order to rob them, banks should replace the locks and master keys of the ATMs. In addition, they also need to install an alarm system to deter criminals.

Most importantly, ATMs should be equipped with up-to-date antivirus protection to prevent the malware from infecting their systems.