At a time when fraud, cyberbals and alerts for mass digital attacks are the order of the day, in the banking sector ATMs are an especially vulnerable element.

Malicious malware or software is one of the main threats for ATMs and, therefore, for all the cybersecurity of the entities, since through it not only large amounts of money can be steal, but also data from the clients and valuable information of their processes and operation. Any code designed to avoid security measures, modify processes or replicate autonomously with different purposes is considered malware.

For technology responsible, law enforcement agencies and financial institutions are important to know this threat as the first step to strengthen their defenses and mitigate risks. Thinking about them, the auriga cybersecurity business unit, a software company for the Omnicanal Payment and Banking Sector and cybersecurity expert on specific devices, has developed the first malware guide for bank One of them.

Malicious malware or software is one of the main threats to ATMs

These are, according to the guide, the most prominent:

· The first specific malware for ATMs: Skimer, discovered in Russia in 2009

· Malware with the greatest impact on the world: It is estimated that the coordinated attacks with Carbanak, Anunak and Cobalt accumulate more than 1000 million dollars in losses for financial entities, being the most impact that has had global finances in the last 15 years.

· The malware that has infected more ATMs: Ploutus, committing more than 75,000 ATMs worldwide

· The most recently detected malware family: Until the real existence of AU ATM Malware (May 2024) is demonstrated, Fixs is considered the latest family of specific atms detected, in this case in Mexico, in February 2023

· The most recent variant detected: FastCash, with a new variant discovered in October 2024

· Malware with more known variants: Ploutus, with multiple versions

· The most dangerous malware for atm: Because of its immediate and direct impact, and due to its ability to dispense large sums of money, Tyupkin can be considered the most dangerous malware family for physical attacks.

· The most difficult malware to detect: Due to its level of infiltration and because a very sophisticated anti -fraud system is necessary for its detection, Metel can be considered the one that can operate for a longer time without detecting its presence.

· Malware easier to use: Because of its simple interface and because it automates many of the tasks involved in the attack, Cutlet Maker is probably the simplest to use for criminals.

“Today, the best protection of an ATM against this type of software is based on reducing the attack surface to the minimum expression through a zero confidence approach. Give Bases of cybersecurity in evolution “he states Néstor Santolaya Bea, Cybersecury Product Expert from Auriga and author of the Banking Malware Guide.

Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.