chalabala - Fotolia
European police smash ATM malware gang
Cyber criminals caused substantial losses across Europe by using Tyupkin malware to access ATM cash cassettes
European police have arrested eight cyber criminals who raided automatic teller machines (ATMs) across the continent using Tyupkin malware.
The malware enabled the gang of Romanian and Moldovan nationals to manipulate ATMs and empty cash cassettes.
According to Europol, this is one of the first law enforcement operations against this form of cyber crime, known as ATM “jackpotting”.
An investigation by security firm Kaspersky Lab in 2014 found that the Tyupkin ATM malware was found mainly in Eastern Europe, but was also in use in the US, India and China.
The arrests and house searches in Romania and Moldova were conducted by the Romanian National Police and Romania’s Directorate for Investigating Organised Crimes and Terrorism (DIICOT) in collaboration with Europol, Eurojust and several European law enforcement authorities.
Europol did not specify how much money the gang was able to plunder, but said it had caused “substantial losses” across Europe.
Europol's European Cybercrime Centre (EC3) supported police forces across Europe in their efforts to identify the suspects by hosting a number of international operational meetings and analysing intelligence.
Europol said the joint international effort followed previous successful action against the threat posed by this type of malware.
Wil van Gemert, Europol’s deputy director operations, said there had been a major increase in ATM attacks using malicious software in the past few years.
Read more about Europol
- Law enforcement and private industry need to work together to effectively combat cyber crime, says Europol as it signs an MoU with another cyber security firm.
- Encryption has become one of the biggest problems for police and security services in dealing with threats from terrorism, says Europol chief.
- Europol is to lead an initiative pooling cyber crime intelligence from business, government, law enforcement and security agencies.
“The sophisticated cyber crime aspect of these cases illustrates how offenders are constantly identifying new ways to evolve their methodologies to commit crimes,” he said.
“To match these new technologically savvy criminals, it is essential, as was done in this case, that law enforcement agencies co-operate with their counterparts via Europol to share information and collaborate on transnational investigations.”
Read more about ATM security
- NCR has developed smart thin client cash machines to replace ageing Windows XP-based ATMs.
- US Bank has moved all its ATMs on to Windows 7 after deciding to complete the project before Microsoft stopped support for XP.
- Research has revealed that 89% of European banks still run ATMs on XP despite Microsoft removing support for the software.
EC3, which recognises the severity of the threat presented by ATM logical and malware attacks, has published security guidelines concerning this new cyber threat to ATMs.
The guidelines were produced in collaboration with the European ATM Security Team (East).
Europol said the guidelines are an example of a co-ordinated central response from law enforcement organisations and the industry to fight ATM malware threats by responding much more quickly and effectively. However, circulation of the document is restricted to law enforcement and to the banking and payments industry.
