Cybercriminals launch invincible malware attacks on ATMs in 40 countries

• Steals passwords financial data
• Experts seek measures against Nigeria’s vulnerability

Cyber criminals appear to have stepped up their games, as they have unleashed an invincible malware attacks on Automated Teller Machines (ATMs) of banks.

According to MailOnline, passwords and financial data have been stolen from more than 140 banks and other enterprises in 40 countries using the organisations’ own software within the last few months.

Experts have therefore sought increased measures against Nigeria’s vulnerability, calling for concerted efforts between the Central Bank of Nigeria (CBN) and the financial institutions in the country to safeguard the operations of about 17, 398 ATMs in the country. The ATMs carried out about N4.9 trillion worth of transactions in 2016.

The digital strikes targeted computers that operate ATMs, letting hackers ‘push money out of the banks from within the banks’. The malware hides itself in the computer’s memory to avoid detection, and researchers say they have no idea who is behind it.

“It is not known who is behind the attacks, Kaspersky Labs, who discovered the exploit,” said. “The use of open source exploit code, common Windows utilities and unknown domains makes it almost impossible to determine the group responsible – or even whether it is a single group or several groups sharing the same tools,” it stated.

The U.S., France, the U.K., Ecuador and Kenya are the top five nations affected by the hack, with the U.S. being the hardest hit with 21 incidents.
Other countries include Brazil, Tunisia, Egypt, Russia, Turkey, Israel, Uganda, Spain, Saudi Arabia, China, Congo, Libya, Peru, Tanzania, Kazakhstan, Ukraine and others. The hit enterprise includes the banks, government organisations and telecommunications companies.

The ATM Industry Association (ATMIA) said there are now close to three million cash machines installed worldwide. Accordingly, the code invisibly collects the passwords of system administrators so that the attackers could remotely control the victim’s systems.

“The ultimate goal appears to have been access to financial processes,” said Kaspersky Lab expert, Kurt Baumgartner, adding, “What’s interesting here is that these attacks are ongoing globally against banks themselves. The banks have not been adequately prepared in many cases to deal with this.”

Baumgartner went on to say that those conducting the attacks are “pushing money out of the banks from within the banks” by targeting computers that operate ATMs.

Unlike most other attacks, it drops no malware files onto the hard drive, but hides them in the memory. This combined approach helps to avoid detection by white listing technologies, and leaves forensic investigators with almost no artefacts or malware samples to work with.

Speaking to The Guardian, on the issue as it relates to Nigeria, the Chief Operating Officer, Manna Microfinance Bank, Tobe Nnadozie, the cyber attacks target mostly online platforms in Nigeria.

He stressed that banks that also try to do short cut by running payments on plain platforms without the security layers are the first set of casualties this will hit.

According to him, when the cyber fraudsters want to attack, they start with avenues they can easily penetrate. “Unfortunately for the industry, except we move on time, if they are able to hack into all these avenues, the danger is that there may be other bank cardholders that transact on these unsecured layers or the expired certificate layers and they will get their fingers burnt.”

Nnadozie stressed the need for continuous education, saying that due to apathy to customer enlightenment, lack of cohesion among the financial institutions in Nigeria, players do their own education separately. “This will not work. It is the industry that will be affected by this cyber attack, so there is need for more cohesion in our messages. What currently operates now is that when bank A brings out an advert that says customers should watch out for this and that, bank B will not want to bring out the same in order not to be labelled as a copycat. This trend has even moved to the Micro Finance banks.”

He urged the CBN to lead the cause by running continuous awareness programmes in different languages on this menace; as most people still not know that phishing (tricking people into disclosing their bank details) is on the increase.

The truth about Nigeria is that apart from the ATM cards and ATM terminals, most other platforms are heavily prone to fraud because people are trying to beat the standard and in the course of doing such they create opportunities for fraudsters.

Nnadozie stressed that as the fraudsters are changing their games, Nigeria too should up the ante to fight the menace, and called for effective legislation to curb the trend. “The jail term should be commensurate punishment for offenders caught, if not, more people will be attracted to the crime.”

To the Director-General, Delta State Innovation Hub, Chris Uwaje, the challenge is that the ATMs don’t have indigenous language, which makes users more vulnerable.

Uwaje said malware are designed in specific modular languages following a particular route and because the software that drives most of the ATMs in the country are in the cloud, they are controlled by other people.