Lighthouse Technology Solutions Blog

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Archives
    Archives Contains a list of blog posts that were created previously.
Posted by on in Security

The Coding For Your ATM Shouldn’t Be as Dirty as Its Cash

b2ap3_thumbnail_atm_malware_threats_400.jpgMalware that targets ATMs isn’t a new concept. After all, ATMs use internal computers that can be hacked just the same as any old workstation. The prime difference is that hacking into an ATM allows for a direct dispensing of cash, rather than some crafty behind-the-scenes action. A new type of ATM malware, titled GreenDispenser, is a cause for concern in Mexico, and could spread to other countries if left unchecked.

As mentioned, there are other types of malware that target ATMs almost exclusively, including a backdoor called Ploutus. Just like GreenDispenser, Ploutus originated in Mexico, and allowed criminals to steal money from ATMs by sending commands through the PIN pad or through a keyboard. Later versions allowed hackers to send a text message to the ATM to distribute cash. While this ATM malware originated in Mexico, it’s suggested by Ploutus’s English localization that it was designed for use in other countries.

Other types of ATM malware include Tyupkin, which was used to infect ATMs in Eastern Europe, as well as another called Suceful, which was designed to lock cards inside the machines and release them upon a command. Thankfully, the common trend with these types of malware appears to be that they almost exclusively require physical access to the ATM in order to exploit. It’s suggested that the increase in ATM hacking attacks is occurring due to the adoption of chip-enabled cards by the everyday user.

GreenDispenser forces the ATM to display an error message claiming that the machine is out of service, but in actuality, hackers can bypass this error by plugging in a predetermined PIN that’s been hard-coded into the malware. GreenDispenser also has some other quirks that distinguish it from the ATM malware systems. As explained by ComputerWorld:

Interestingly, GreenDispenser uses some type of two-factor authentication. After the hard-coded PIN is entered, the ATM will display a QR code, which the criminals probably scan with a mobile application in order to obtain a second, dynamically generated PIN. The second PIN unlocks an interaction menu on the ATM that gives attackers control over the cash dispenser. Another option on the menu allows criminals to uninstall the malware in a way that securely wipes it and makes it hard for forensics teams to later recover it.

While this increase in ATM hacking is thought to stem from an increase in card encryption technology (making it significantly more difficult to steal information through card skimming), another main reason that hackers are targeting ATMs is because many still run on the antiquated Windows XP operating system. This just goes to show that not upgrading away from old operating systems can have dire consequences.

In the case of GreenDispenser, there’s not much for you to do to protect yourself. The victim is the bank or owner of the ATM. But if you do use an ATM, it doesn’t hurt to be aware of security risks. Check to see if the ATM is under surveillance. If it’s pretty obvious that there are security cameras on the ATM, or it’s under regular supervision, there’s a smaller chance it’s been tampered with.

With the release of Windows 10 still fairly recent, your organization doesn’t need to deal with old operating systems anymore. Contact Lighthouse Technology Solutions today at 703-533-LTSI (5874) to find out all there is to know about upgrading away from your older Windows models, and ask us about security best practices that can keep your identity and personal information safe while utilizing online services.

Tagged in: Hackers Malware Security

With over 15 users experience of providing IT solutions and advice. Mixing innovations in technlogy with clients requirements is rewarding and inspiring when we sit down to measure the results.


  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest Sunday, 25 October 2020

EasyBlog Latest Blogs

Things That Go Bump in the Server Closet
Halloween is a time to conjure up things that give people the creeps. Scary sounds are just one way to send shivers up the spine. Sounds like, howling werewolves, zombie groans, chainsaws, and bloodc...
Continue Reading...

Latest News

Our Site Has Launched!


Welcome to Our New Site!
We are proud to announce the unveiling of our new website at Lighthouse Technology Solutions!


Contact Us

Learn more about what Lighthouse Technology Solutions can do for your business.


Call us today
703-533-LTSI (5874)

119 Lounsbury Place
Falls Church, Virginia 22046