Saturday, March 4, 2023

New FiXS ATM Malware Targeting Mexican Banks


Mar 04, 2023 | Ravie Lakshmanan | Banking Security / Cyber Crime

A new ATM malware strain dubbed FiXS has been observed targeting Mexican banks since the start of February 2023.

“The ATM malware is hidden inside another not-malicious-looking program,” Latin American cybersecurity firm Metabase Q said in a report shared with The Hacker News.

Besides requiring interaction via an external keyboard, the Windows-based ATM malware is also vendor-agnostic and is capable of infecting any teller machine that supports CEN/XFS (short for eXtensions for Financial Services).

The exact mode of compromise remains unknown, but Metabase Q’s Dan Regalado told The Hacker News that it is likely that “attackers found a way to interact with the ATM via touchscreen.”

FiXS is also said to be similar to another strain of ATM malware codenamed Ploutus that has enabled cybercriminals to extract cash from ATMs by using an external keyboard or by sending an SMS message.

One of the notable characteristics of FiXS is its ability to dispense money 30 minutes after the last ATM reboot by leveraging the Windows GetTickCount API.
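The reboot-relative timing described above gives responders something to correlate on. The following is an added example, not code from Metabase Q or the original article: it scans a constructed ATM event journal for cash dispenses that land shortly after the 30-minute uptime mark without a preceding card authorization. The log format, event names, and the slack and authorization windows are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample journal (not from the report): timestamp, ATM id, event.
SAMPLE_EVENTS = """\
2023-02-10T02:00:05 ATM-017 BOOT
2023-02-10T02:30:40 ATM-017 DISPENSE
2023-02-10T09:15:00 ATM-017 CARD_AUTH
2023-02-10T09:15:30 ATM-017 DISPENSE
2023-02-11T03:10:00 ATM-042 BOOT
2023-02-11T03:41:00 ATM-042 CARD_AUTH
2023-02-11T03:41:20 ATM-042 DISPENSE
"""

TRIGGER = timedelta(minutes=30)     # delay after reboot stated in the article
SLACK = timedelta(minutes=10)       # assumption: tolerance past the trigger
AUTH_WINDOW = timedelta(minutes=2)  # assumption: a card auth precedes a normal dispense


def parse(text):
    """Yield (timestamp, atm_id, event) tuples from the journal text."""
    for line in text.splitlines():
        if line.strip():
            ts, atm, event = line.split()
            yield datetime.fromisoformat(ts), atm, event


def suspicious_dispenses(text):
    """Return dispenses 30-40 min after boot with no recent card authorization."""
    last_boot, last_auth, hits = {}, {}, []
    for ts, atm, event in sorted(parse(text)):
        if event == "BOOT":
            last_boot[atm] = ts
        elif event == "CARD_AUTH":
            last_auth[atm] = ts
        elif event == "DISPENSE" and atm in last_boot:
            uptime = ts - last_boot[atm]
            authed = (atm in last_auth
                      and timedelta(0) <= ts - last_auth[atm] <= AUTH_WINDOW)
            if TRIGGER <= uptime <= TRIGGER + SLACK and not authed:
                minutes = int(uptime.total_seconds() // 60)
                hits.append((atm, ts.isoformat(), minutes))
    return hits


if __name__ == "__main__":
    for hit in suspicious_dispenses(SAMPLE_EVENTS):
        print(hit)
```
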

The sample analyzed by Metabase Q is delivered via a dropper known as Neshta (conhost.exe), a file infector virus that is coded in Delphi and was initially observed in 2003.

“FiXS is implemented with the CEN XFS APIs which helps to run mostly on every Windows-based ATM with little adjustments, similar to other malware like RIPPER,” the cybersecurity company said. “The way FiXS interacts with the criminal is via an external keyboard.”


With this development, FiXS becomes the latest in a long list of malware such as Ploutus, Prilex, SUCEFUL, GreenDispenser, RIPPER, Alice, ATMitch, Skimer, and ATMii that have targeted ATMs to siphon money.


Prilex has since also evolved into a modular point-of-sale (PoS) malware to perform credit card fraud through a variety of methods, including blocking contactless payment transactions.

“Cybercriminals who compromise networks have the same end goal as those who carry out attacks via physical access: to dispense cash,” Trend Micro said in a detailed report on ATM malware published in September 2017.

“However, instead of manually installing malware on ATMs through USB or CD, the criminals would not have to go to the machines anymore. They have standby money mules that would pick up the cash and go.”
