New malware to steal money from European ATMs

A new ATM malware family targeting Europe has allegedly emerged in the cybercrime scene, posing a potential threat to the banking industry.

A threat actor listed malware named “EU ATM Malware” for sale on a hacker forum, claiming that it can compromise almost any ATM in Europe and approximately 60% of ATMs worldwide, including those manufactured by Diebold Nixdorf, Hyosung, Oki, Bank of America, NCR, GRG, and Hitachi.

The threat actor claims the malware can generate up to $30,000 per ATM. The seller is offering the malware with a monthly subscription and an initial fee plus a share of the profits from successful jackpotting operations.

So-called jackpotting occurs when malicious software is installed on an ATM's computer, often via a USB stick. This type of malware attack typically causes the ATM to dispense all its cash through the normal dispensing mechanism.

While it’s not yet possible to independently verify the claims regarding the new malware, if the claims are true, it poses a significant threat to the global banking industry.

Malware targeting ATMs has previously caused a tremendous amount of damage. Distributed since 2017, a malware kit named Cutlet Maker has been responsible for millions being cashed out with minimal technical skills.