The heist worked in three stages

The entire incident was captured on camera, which the bank contacted the Russian cybersecurity firm Kaspersky Lab for an investigation.No arrests have been made in the heist yet. It was at this point that the command, "Take the money bitch," appeared in the log file, and possibly on the ATMs screen as well to signal the money mule to grab the bills and go,’ a security analyst from Kaspersky told Motherboard in an interview.‘Fileless malware attacks use the existing legitimate tools on a machine so that no malware gets installed on the system, or they use malware that resides only in the infected machines random-access-memory, rather than on the hard drive, so that the malware leaves no discernible footprint once its gone,’ reported Motherboard.It was like a complete movie scene where some hackers in Russia managed to drain a Russian bank of around eight ATMs with almost a million dollars of rubles in just a single night. The incident happened last year when the bank went through their surveillance cameras and found out the heist being captured on tape. Custom Food sealing canning line However, the only clue that was left behind was two log files that had a log of everything on the machine before the money disappeared.‘

The heist worked in three stages, with the first two using commands that instructed the ATM to withdraw the bills stored in cassettes and place them in line to be dispensed, and the third stage using a command that opened the mouth of the ATM. However, researchers need samples of the ‘missing malware’ that were on the machines to analyse how the robbers pulled off the heist.Earlier this year too, Kaspersky reported that invisible ‘fileless’ attacks were used to target more than 140 banks in Europe.The Motherboard reported that the Russian bank was looted by a lone culprit who managed to grab a stack of bills worth $100,000 from each of their machines.The logs included one line in English, stating ‘Take my money, bitch. The only evidence was the CCTV recording. The worst part — he did not even touch the machine.The log files left behind are obvious that the bank was hacked.’   "Our theory is that during the uninstall [of the malware], something went wrong with the malware and thats why the [log] files were left," says Sergey Golovanov, principal security researcher with Kaspersky in Russia, who investigated the heists, reported Motherboard.The ATM machines were hacked with a malware, which spewed around 40 bills at a time and in less than 20 minutes, a single ATM machine was left dry before the culprit moved on to the next machine in the city for the same action. There were no signs of intrusion either.(source).The hackers method was a mystery as the bank found absolutely no trace of any malware on the ATMs or their backend networks. Kaspersky thinks the culprits might be connected to one of two previously known gangs of bank hackers, known as and Carbanak. The method was used to target two Russian banks that night.

Kommentek
  1. Én