Нет ответов в данной теме

[News Robot]

March 24, 2009

Doctor Web – a Russian developer of Dr.Web anti-virus solutions –
warns on a sophisticated Trojan Horse found in ATMs of some Russian
banks. This Trojan intercepts data on credit cards and pin codes of
customers who use the infected ATM. This data can later be used by
criminals to produce duplicate bank cards and thus steal funds from
accounts of the victims.

The Trojan is detected by Dr.Web Anti-virus as Trojan.Skimer.
According to Virus Monitoring Service of Doctor Web, 7 modifications
of the malware has been discovered so far. The Trojan collects
information on credit cards and PIN-codes that are entered from the
ATM's keyboard during the authentication procedure. Combined with a
PIN-code, the card data can be used to produce an illegal duplicate of
the original card. To withdraw the stolen data, the criminals have to
compose a special service code on the infected ATM's keyboard - and
the data is printed out as a reciept.

As a rule, the bank's ATM network has no access to the World Wide Web.
This means that the only way the Trojan could have penetrated the ATMs
is through an insider - a person or a group of persons connected with
the bank or with an ATM service company. The usage of a specific DLL
of the ATM operating system by the Trojan also implies a good
knowledge of the attacked ATMs by the criminals.


View the article