Among other capabilities, Backdoor.ATM.Suceful malware can make an ATM retain — and release — a debit card upon a fraudster's command.
September 14, 2015
FireEye Labs, a threat prevention platform developer, says it has identified a new type of ATM malware, Backdoor.ATM.Suceful, that can retain debit cards on infected ATMs, disable alarms, and read debit card tracks.
According to the FireEye blog, Suceful was uploaded to VirusTotal from Russia on Aug. 25.
"It might still be in its development phase; however, the features provided are shocking and never seen before in ATM malware," the blog said.
Like the earlier viruses Ploutus and PadPin, Suceful interacts with XFS Manager, the interface between the application (malware, in this case) and ATM peripherals (e.g., printer, dispenser, card reader, PIN pad).
One of the most disturbing things about Suceful is that it is device agnostic, FireEye said in the blog:
"Every vendor has its own implementation of the XFS Manager with proper security controls in place; however, they also support the default XFS Manager template provided by WOSA/XFS Standard, allowing the attackers to create their own interface with the ATM."
FireEye listed potential capabilities in Diebold Inc. or NCR Corp. ATMs as:
"Suceful is the first multivendor ATM malware targeting cardholders, created to steal the tracks of the debit cards but also to steal the actual physical cards, which is definitely raising the bar of sophistication of this type of threat," the FireEye blog said.
Additional information and analysis of the malware's capabilities, including the types of sessions it is capable of carrying out, are available from the FireEye blog.