Security researchers have discovered a new ATM malware, “ATMJackpot.” The malware seems to have originated from Hong Kong and has a time stamp on the binary as 28th March 2018.
The malware has a smaller system footprint, it has a simple graphical user interface that displays a limited number of information, including the host name, the service provider information such as cash dispenser, PIN pad, and card reader information.
ATM Malware propagates via physical access to the ATM using USB, and also via the network by downloading the malware on to already-compromised ATM machines using sophisticated techniques.
The malware opens a session with the service providers and registers to monitor events, then it opens a session with the cash dispenser, the card reader, and the PIN pad service providers.
Once the session with service providers are opened, the malware is able to monitor events and issue commands.
Experts believe authors of the malware will continue to improve it and they expect it will be soon detected in attacks in the wild.