
THREAT ACTORS DEMONSTRATE PERSISTENT INTEREST IN ATM MALWARE

By Amina Bashir, Associate Product Manager, Flashpoint

As giant boxes of cash, it’s understandable that ATMs are magnets for nefarious activity. Like many other forms of financially motivated crime, malicious activity against ATMs is supported by an underground ecosystem of illicit offerings and resources, as evidenced across Flashpoint’s datasets.

For example, information sourced across illicit online communities, encrypted chat services, and paste sites shows threat-actor mentions of ATMs on a par with mentions of distributed denial-of-service (DDoS) tools and attacks, far exceeding mentions of Remote Access Trojans, crypters, botnets, and ransomware. The interest in ATM malware and attacks is persistent and should be on the radar of financial institutions and ATM manufacturers alike.

Here’s a look at some known threats to ATMs:

 

Skimmers and Shimmers—Skimmers and shimmers are small, physical devices which are inserted into ATMs to steal payment card data. They are a popular commodity among fraudsters, but some criminals favor a more straightforward form of theft: directly stealing cash from the machine.

 

ATM Jackpotting—Jackpotting is the manipulation of an ATM so it ejects the cash within. It is often carried out with the help of specialised malware sold on illicit online marketplaces. During the past several years, malware-enabled ATM jackpotting attacks have been reported worldwide, from Europe and the U.S., to Latin America and Southeast Asia.

 

ATM Malware—ATM malware continues to be popular among threat actors operating across various platforms. Analysts have observed that ATM malware appears to be sold by only a few threat actors, some of whom may be associates. This is in contrast to other types of malware, which are sold by a wide range of vendors.

 

Inside the ATM Malware Market

WinPot, Cutlet Maker, and Yoda are among the most mentioned ATM malware variants. Due to similarities in posts, it is possible that some of these malware families are being created or sold by associated—if not the same—threat actors. Moreover, Flashpoint analysts have noted that many threat actors who advertise ATM malware also peddle other offerings on the cybercrime underground, including carding services and access to compromised bank accounts.

Uniquely among cyber threats, ATM malware attacks inherently require a physical presence at the targeted site. In fact, since the most common and popular ATM malware variants are installed via USB, which requires attackers to physically open the machine’s exterior panel and connect an external device, attacking an ATM is hardly an inconspicuous endeavour.

And while some forms of ATM malware, such as ATMitch, can be administered without physical access to the machine by leveraging a known exploit against a financial institution’s servers, such an attack still requires the threat actor or a money mule to physically retrieve the stolen cash from the machine. As such, jackpotting crews are known to select their targeted sites carefully; ATMs stationed not at banks, but rather at small businesses, shopping centres, gas stations, and other retail locations are the most desirable targets for jackpotting crews.

So, in addition to keeping ATMs updated with the latest security software and patches, one of the best ways for operators to avoid being targeted in a malware attack is to noticeably bolster actual and perceived physical security at ATM sites. For example, an outdoor ATM set back from the sidewalk in a poorly lit area could be a natural target for jackpotting, but the addition of motion-activated floodlights and conspicuous security cameras monitoring the premises from several angles to avoid blind spots could immediately deter threat actors.

In addition to enhancing visibility and surveillance, changing the lock on an ATM’s exterior panel is another simple way to thwart threat actors sniffing out vulnerable ATMs that use a generic, mass-produced key provided by the manufacturer.

 

Assessment

Despite being controlled by a relatively small number of threat actors, Flashpoint analysts believe the underground market for ATM malware will continue to flourish, serving a global customer base of threat actors and posing a threat to financial institutions and ATM manufacturers worldwide.

Flashpoint analysts have observed wide variance in the price of ATM malware within illicit marketplaces, from as low as $25 USD up to $5,000 USD depending on the malware being offered, in addition to other factors, such as the vendor’s reputation and level of customer support, customisation, and bundled services.

For insight into the broader market for malware and other illicit offerings, download Flashpoint’s Pricing Analysis of Goods in Cybercrime Communities report.

 


MAKING THE (ENTERPRISE) GRADE IN LOW-CODE SOFTWARE


By Willem van Enter, Vice President EMEA, OutSystems

 

We all use software applications every day, all the time. That part should make sense to everybody. With many of us now happy to call ourselves digital natives, the question is not whether we are going to use apps to make our lives better; it is now a question of which apps we will choose to build our personal workflows around.

This ubiquity of software penetration is a good thing. It allows us to automate our work (and indeed personal) lives in a manner that we may never have considered, even as recently as the turn of the millennium.

But there’s a bigger challenge here.

More users need more apps in more places with more functions spanning more data sources connected to increasingly complex analytics engines, and all of that software has to be deployable across an ever greater number of device form factors and platforms.

 

Low-code validation

Once an IT shop is empowered with low-code efficiency, the speed of development and release can rise sharply. But no business should expose itself to this level of power without first thinking about all the control mechanisms needed to be able to accommodate new low-code-created apps.

 

Policy, provenance & policing

We’re talking about areas such as user provenance checks (so that we know who built which piece of software and if they were supposed to), policy controls (so that we know which software is accessing which data sources and whether it is supposed to) and areas like scale-provisioning (so that an organization’s IT estate can cope with a much higher throughput of information) and so much more.

The move to taking advantage of low-code software development is happening already. But, for enterprise organisations large and small to truly take advantage of the efficiencies it offers, they need to have faith in any platform’s ability to ultimately deliver workable, serviceable, functioning enterprise-grade software.

They need, to coin a phrase, to know that low-code makes the grade to enterprise-grade. So, what elements of core form and functionality should they look for?

 

Making the enterprise-grade grade

Building secure enterprise-grade low-code software is imperative; obviously, it is. Secure software development in this space is so fundamental that efficient low-code platforms will always be presented with security controls as an inherent and implicit part of their core functionality.

Nobody expects business applications designed to serve potentially millions of users with digital experiences to let them down, so enterprise-grade security, scalability, governance and performance should form key elements in the platform and toolsets that are used.

Because low-code is typified by a high degree of automation, an effective low-code approach should offer hundreds of automatic security and risk controls in its portfolio. But implementation is just the first step; an always-on monitoring and operations source also needs to exist for the customer to be able to assess their risk factors at any given time.

 

Climbing the scalability peak

Enterprise-grade low-code software may start off as an experimental application or some level of prototype or test case. Its speed of development naturally gives rise to its use in this type of development. But when an application (or some other code-based data service) hits the spot, the team behind it will need to know that it can scale.

Let’s say a small medical tech lab develops an application that helps track some aspect of disease outbreaks that takes a radically new approach in some way. If a viral pandemic ensues, then that software would need to scale seamlessly from something smaller than departmental level to an Internet-wide deployment – all without rewriting any code or hitting a wall.

Climbing the peak to true enterprise-grade scalability with low-code software involves taking advantage of technology that includes containers and microservices. Only by ‘thinking small’ in this sense can you consider being able to ‘think big’ later on and build mission-critical apps that scale to support millions of concurrent processes.

 

Governing principles

Within all of this discussion, it will be crucial to keep an eye on governance so applications built with low-code platforms can comply with controls such as GDPR, Sarbanes-Oxley, PCI, FedRAMP and more. The proven way of doing this is to use low-code development tools that offer a fine-grained control of your software portfolio with the ability to perform dependency checking, audits and validation.

There’s a human factor here, too, i.e., organisations can rely on low-code automation advancements for a lot, but they also need to think about establishing teams that can work simultaneously and keep conflicts to a minimum.

Finally, let’s mention performance. It’s a key measure of how and why any piece of software was developed in the first place. Software needs to work, it needs to drive business forward, and it needs to do so at a pace that is commensurate with and proportionate to the use case requirements behind why it was developed in the first place.

In the low-code universe, we have the ability to deploy enterprise applications that are automatically optimized to ensure they perform as designed and expected. We also have the ability to use pre-built connectors that integrate with automated enterprise logging technology, which gives developers real-time performance monitoring feedback to help avoid possible bottlenecks.

Low-code software application development can offer all of these features, controls and characteristics, so organisations can be assured that low-code does make the grade for enterprise-grade. All that’s needed is for the customer themselves to know how high low-code can go to be able to graduate to this new grade of efficiency.

 


CORONAVIRUS: FURLOUGHED WORKERS AND WHAT IT MEANS FOR BUSINESS


by Tina Chander, Wright Hassall

 


All businesses with a PAYE scheme in place on 28 February 2020, regardless of size or sector, will be able to benefit from the scheme with the government reimbursing employers up to 80% of their employees’ wages, to a maximum of £2,500 per month, plus employer’s NICs and auto-enrolment pension contributions.

Employees on agency contracts and flexible or zero hours contracts can also benefit from the scheme. In addition, the scheme also covers employees who were made redundant since 28 February 2020, if they are rehired by their employer.

 

Furloughed workers: what does that mean?

Businesses have to ‘designate affected employees as furloughed workers and notify your employees of this change’. However, employers still have to heed employment law which means that, having designated those employees whose jobs were at risk, they will need to agree with those employees that they will be ‘furloughed’.

Given the extraordinary situation prevailing at the moment and given the alternative to being furloughed, it is likely that most employees will agree to the terms.

Workers who do not agree will either have to take unpaid leave for an indeterminate period, or employers are likely to have to go down the redundancy route. It should be noted that furloughed workers are designated by the employer – an employee cannot ‘self-designate’.

 

Eligibility

Employees hired on or after 1 March 2020 are excluded from the scheme, presumably to stop people ‘gaming’ the system by hiring family members after the scheme was announced and then furloughing them.

However, those businesses that have made people redundant since 28 February 2020, can re-employ them and then furlough them. To qualify for payment under the Job Retention Scheme, an employee must be furloughed for a minimum of three weeks in order to prevent employers putting staff on a furlough ‘rota’ i.e., one week on furlough, one week off.

 

Who can be furloughed?

Normal employment law still applies, so employers must not discriminate when deciding who to furlough. Employees returning to work after a period of sickness absence, or self-isolation, can be furloughed; however, they cannot be furloughed whilst they remain on a period of sickness absence or self-isolation.

Furlough will only take effect when this period comes to an end. Employees who are “shielding”, however, will be eligible to be furloughed. Employees on maternity leave can be furloughed if they agree to return to work early or change to shared parental leave; alternatively, they will remain on Statutory Maternity Pay where this is applicable and will not be furloughed until their return.

When agreeing changes and moving to furlough status, it is important to remember that normal employment law processes apply. Employers must be careful not to discriminate against any employees when deciding who to offer furlough to.

 

Furloughed workers remain employed but must not work

Assuming the designated employee has agreed to be furloughed, they cannot undertake any work for their employer at all. If the employee continues to work, even reduced hours, they are not eligible for the scheme. The good news for furloughed staff is that they can volunteer or undertake training providing neither activity generates income for their employer. Whether or not people can take advantage of this while confined to their house is, of course, another matter altogether.

 

How will it work?

While employees are furloughed, the government will pay related employment costs including pension contributions and NICs (but not commission or bonuses) in addition to wages. All furloughed workers will remain employed by their employer for the duration of the scheme.

Employers can make up the missing 20% of their employees’ salaries but that is their choice (or ability to pay). There is no legal obligation for the employers to top up the salary to 100%, but any contractual clauses regarding withholding pay and deductions should be taken into account when this decision is being made.

For those employees who are furloughed, their employment status will change but their employment record remains continuous.

Employers need to give HMRC a list of furloughed employees. Employers pay their workers as usual, via PAYE, and then apply for funding, every three weeks (not weekly) to cover 80% of their wages (up to £2,500 of gross pay).

You will receive a grant from HMRC to cover the lower of 80% of an employee’s regular wage or £2,500 per month, plus the associated Employer NICs and minimum automatic enrolment employer pension contributions on that subsidised wage. Fees, commission and bonuses should not be included.

For workers whose pay varies, the 80% is based on the higher of:

  • the earnings in the same pay period in the previous year; or
  • the average earnings in the previous 12 months (or less, if they’ve worked for less).

If employees paid the minimum wage are furloughed, the fact that 80% of their earnings will bring their wages below the NMW does not contravene the legislation as people are only entitled to the NMW if they are working. They can, however, claim the NMW if undertaking training.

The HMRC system through which payments can be made should be up and running by the end of April. The scheme is expected to run for three months, subject to review.

 
