Kaspersky, a cybersecurity solutions provider, said it has discovered a malware used by cybercriminals to automatically dispense cash from Automatic Teller Machines (ATMs).
It said the malware called WinPot had been designed to look like the slot machine, warning that new modifications would be invented by the fraudsters this year.
Kaspersky said some of the modifications would trick the ATM security systems; overcome potential ATM limitations; find ways to keep the money mules from abusing their malware; and improve the interface and error-handling routines.
“In March 2018, we came across a fairly simple but effective piece of malware named WinPot. It was created to make ATMs by a popular ATM vendor to automatically dispense all cash from their most valuable cassettes. We called it ATMPot. The criminals had clearly spent some time on the interface to make it look like that of a slot machine. Likely as a reference to the popular term ATM-jackpotting, which refers to techniques designed to empty ATMs,” the Kaspersky report said.
Describing how the malware is used, analysts at Kaspersky said, “In the WinPot case, each cassette has a reel of its own, numbered one to four (four is the maximum number of cash-out cassettes in an ATM) and a button labelled ‘spin’.
“As soon as you press the spin button, the ATM starts dispensing cash from the corresponding cassette. Down from the spin button, there is information about the cassette such as the bank note value and the number of bank notes in the cassette. The scan button rescans the ATM and updates the numbers under the slot button, while the stop button stops the dispensing in progress.”
The company said its findings had been further corroborated by similar samples found in an European Fraud Update published in the summer of 2018.
In order to protect ATM from the threat, the cybersecurity firm advised, “Have a device control and process white-listing software running on it. The former will block the USB path of implanting the malware directly into the ATM PC, while the latter will prevent the execution of unauthorised software on it.”
You may be interested
Boniface Scores As Leverkusen Beat Bochum, Close In On Bayern Munich
Webby - March 28, 2025Victor Boniface was on target for Bayer Leverkusen in their 3-1 home win against Bochum in the Bundesliga on Friday…
NPFL: Defeat To Kwara United Painful — Nasarawa United Boss Yusuf
Webby - March 27, 2025Nasarawa United head coach Salisu Yusuf has reacted to his team’s 1-0 loss to Kwara United, reports Completesports.com. Emeka Onyema…
Cote d’Ivoire Withdraw As Host Of U-20 AFCON
Webby - March 27, 2025Cote d’Ivoire announced late Tuesday its withdrawal from hosting the 2025 U-20 Africa Cup of Nations just weeks before the…
![American Pastor, David Wilson Seen Eating The Box Of Woman Who Isn’t His Wife [Video]](https://onlinenigeria.com/wp-content/uploads/2019/10/american-pastor-david-wilson-seen-eating-the-box-of-woman-who-isnt-his-wife-video-150x150.jpg)
![INEC Claims 165,631 PVCs not collected in Kogi, 40,912 in Bayelsa [See Infographics]](https://onlinenigeria.com/wp-content/uploads/2019/09/inec-claims-165631-pvcs-not-collected-in-kogi-40912-in-bayelsa-see-infographics-150x150.jpg)
