ATM Hacking : New Computer Malware (Winpot) Instantly Empties ATM

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp
Winpot malware
Winpot turns ATMs into slot machines

A recently detected computer malware – Winpot – could be used by cybercriminals to instantly withdraw customers’ money from Automated Teller Machines, ATMs.

This discovery was made by the global cybersecurity firm Kapersky Lab, which warned that the malware was created to resemble an ATM and could be further modified this year by the fraudsters.

A modified Winpot Malware would trick ATM security systems by tricking it into bypassing dispensing limit, thus keeping the money dispensing.

“in march 2018, we came across a fairly simple but effective piece of malware named winpot. it was created to make atms by a popular atm vendor to automatically dispense all cash from their most valuable cassettes. we called it atmpot. the criminals had clearly spent some time on the interface to make it look like that of a slot machine. likely as a reference to the popular term atm-jackpotting, which refers to techniques designed to empty atms.”

Describing how the malware is used, analysts at Kaspersky said, “In the WinPot case, each cassette has a reel of its own, numbered one to four (four is the maximum number of cash-out cassettes in an ATM) and a button labelled ‘spin’.

“as soon as you press the spin button, the atm starts dispensing cash from the corresponding cassette. down from the spin button, there is information about the cassette such as the bank note value and the number of bank notes in the cassette. the scan button rescans the atm and updates the numbers under the slot button, while the stop button stops the dispensing in progress.”

SEE ALSO  Access Bank Acquires Kenyan bank, Transnational Bank Plc

Meanwhile, the only method that banking institutions can safeguard their customers money from being stolen by the fraudsters is to “have a device control and process white-listing software running on it.” This would help to block the USB path used by the fraudsters to implant the malware into the ATM PC, as well as forestall the execution of any unauthorised software on it.”

Get an email when an update on this topic breaks

Share this
Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp
Source :

Join the Trentimes Community and earn on the side

Trentimes is the best thing that is happening to Internet Business




Latest News, Business & Finance News 24/7.
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments

Subscribe to Get the Best Articles Weekly