Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

What pattern do these malicious programs follow?

This malicious program reads and saves bank data as well as card account numbers. The Trojan intercepts and decrypts PIN codes after cardholders enter them via ATM keypads.

To maintain confidentiality, ATM manufacturers employ a special technology that facilitates the encrypted transmission of PIN codes entered into ATMs. PIN codes are never stored in plain text, not on the bank card, not in the ATM, and not on the servers of the bank that owns the ATM.

Trojans from the Trojan.Skimer family bypass this protection and use the ATM's software to decrypt PIN codes!

Another way to infect an ATM is to open its equipment compartment and then use a CD to install a Trojan from the Ploutus family. Once the ATM is restarted and the malicious service is launched, criminals can issue various commands to the Trojan, for example, to empty the container holding all the cash. Commands are issued via an embedded keypad. If the intruders manage to plug a mobile phone into the device’s USB port, they can issue commands to the Trojan remotely via special SMS messages!

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2019

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040