Posted by: Dan O'Connor
A former bank IT worker has been charged with installing malware on Bank of America ATMs. The amount of money that he stole is not posted anywhere that I can find, but it is above $5,000.
There is no specific information about the malware that he used to commit the fraud.
On a related note, I have found some technical information regarding malware discovered on European ATMs that is finding its way into North America. The primary function of the malware is to capture mag stripe and PIN information as customers use the ATM; it also has the ability to arbitrarily dispense cash from the ATM.
The malware appears to be controlled by inserting controller cards into the card reader (Neat!), which displays the control interface and allows the user to perform a variety of functions on the terminal. It intercepts the information as it's processed on the system and stores it in the C:\Windows\ directory as a file called 'kl'.
The story on the Bank of America guy is here: http://www.wired.com/threatlevel/2010/04/bank-of-america-hack/
Information on the malware is here: http://www.wired.com/threatlevel/2009/06/new-atm-malware-captures-pins-and-cash
And here is the link to the PDF write-up about the malware: http://www.wired.com/images_blogs/threatlevel/2009/06/trustwave-security-alert-atm-malware-analysis-briefing.pdf