Trojans hit more ATMs in Eastern Europe

The Register: Security experts have discovered a family of data-stealing trojans that have burrowed into ATMs inEastern Europeover the past 18 months.The malware logs the magnetic-stripe data and PINs of cards used at an infected machine and provides an intuitive interface for retrieving the information using the ATM's receipt printer, according to analysts from SpiderLabs, the research arm of security firm Trustwave. Since late 2007 or so, there have been at least 16 updates to the software, an indication that the authors are working hard to perfect their tool. The software also works with controller cards that allow the attackers to operate infected machines. When such a card is inserted, the ATM's display shows a window offering 10 command options that can be selected using the keypad. Options include the ability to print collected data, restore log files to the condition prior to the malware installation and uninstall the malware altogether. The findings build on a report issued in March by Sophos that documented card-sniffing trojans that targeted ATMs made by Diebold Inc.

Click to continue