by David Sancho and Numaan Huq (Trend Micro Forward-Looking Threat Research Team), Massimiliano Michenzi (Europol EC3)
Infecting automated teller machines (ATMs) with malware is nothing new. It’s concerning, yes. But new? Not really. We’ve been seeing physical attacks against ATMs since 2009. By physical, we mean opening the target machine’s casing, accessing the motherboard and connecting USB drives or CD-ROMs in order to infect the operating system. Once infected, the ATM is at the attackers’ mercy, which normally means that they are able to empty the money cassettes and walk away with fully loaded wallets. In 2016, we released a joint paper with Europol’s European Cybercrime Centre (EC3) that discussed the shift from physical to digital means of emptying an ATM and described the different ATM malware families that had been seen in the wild by then. Continue reading →
Cybercrime remains largely unique: it is without borders and offers perpetrators a great degree of anonymity, meaning most escape justice. But that’s changing, as some excellent policing work in recent days has shown. The takedown of two of the world’s biggest darknet marketplaces, AlphaBay and Hansa, illustrated what can be achieved when law enforcers work effectively with each other across borders.
Yet despite these successes, cross-border collaboration and public-private sector initiatives are still relatively new. That’s why we’ve invited representatives from the FBI, GCHQ, and Interpol to share their experiences at Trend Micro’s upcoming CLOUDSEC 2017 conference in September. Continue reading →