TAGS-AT E JAVËS

Rajoni dhe Bota2025-08-03 21:01:00

Hidden devices in ATM network, unprecedented cyberattack scenario

Shkruar nga Pamfleti

Hidden devices in ATM network, unprecedented cyberattack scenario

A new case of cyberattack on a bank reveals the combination of physical intrusion and sophisticated malware (malicious software designed to damage or exploit computers, networks and IT systems), aimed at controlling ATMs for illegal cash withdrawals.

The case was investigated by Group-IB, a cybersecurity company founded in Russia, which identified a small Raspberry Pi (a small computer the size of a card) connected to an internal switch of the bank's network.

The device was equipped with a 4G modem and allowed remote access to the bank’s internal network, even when the “walls” were active. The initial access appears to have been in person, either by the hackers themselves or with the help of an internal collaborator. The device was discreetly placed within the ATM infrastructure.

Once installed, the Raspberry Pi acted as a “bridge” between the bank’s server and the attackers. At the same time, the hackers managed to penetrate other critical servers, such as the mail servers, creating a communication network within the bank. This allowed them to remain invisible and coordinate their attack.

To go unnoticed, the hackers used malicious programs that executed pseudo-normal commands. In addition, techniques were used to prevent detection through monitoring of system files.

The aim of the attack was to modify the identification process, while the malicious program was able to bypass the PIN check in transactions, authorizing fraudulent withdrawals.

Group-IB emphasizes that banks should strengthen their security measures, both digital and physical.

 

Lini një Përgjigje