Not logged in » Login

Please login

Please log in with your Fujitsu Partner Account.


» Forgot password

Register now

If you do not have a Fujitsu Partner Account, please register for a new account.

» Register now

Recent Discussion:

NickBown | 22.12.2018, 14:18
We have come across this issue as well, and don't seem to have found a way around it (the server is ...
NickBown | 20.12.2018, 18:40
Hi everyoneWe've got an RX2540 M1 which won't boot past the Fujitsu splash screen (which shows the i...
MarkM | 15.10.2018, 11:33
Hi there.I do not believe the Fujitsu policy on this subject has changed.So NO you can not order dri...
Oct 22 2014

Cyber Crime Alert: Kaspersky Warns Against “Tyupkin”

IT security specialists from Kaspersky Lab have published a warning on cyber criminals having obtained amounts into the millions by targeting multiple Automatic Teller Machines (ATMs) worldwide via a specific malware, christened "Tyupkin" by the analysts.

During a forensic analysis completed earlier this year, experts from Kaspersky Lab's Global Research and Analysis Team (GReAT) identified a new malware – "Backdoor.MSIL.Tyupkin" – that enables criminals to empty infected cash machines without even inserting an ATM or smart card or using a skimmer. Instead, the fraudsters directly attack cash machines' built-in computers, provided these are running 32-bit versions of Windows (typically Windows XP) and are equipped with CD/DVD drives. To carry out the attack, the crooks must first gain physical access to the ATM they want to rob – not really a tough job on a hectic day. Then they insert a bootable CD into the optical drive to install the Tyupkin malware, which runs in an infinite loop and remains unseen until the felons return on a Sunday or Monday night to type in a secret code that convinces the electronic cashier to hand over its contents. To minimize the risk of getting caught, smarter crooks use so-called mules to carry out the cash-in operation – people who don't know the secret key and/or how to proceed after typing it in and get instructions via their mobes. A video demonstrating the attack is available on Kaspersky's YouTube channel. According to Kaspersky's news service Threatpost, the security analysts found Tyupkin installations on some 50 ATMs worldwide, most of which were located in Russia and in Asian countries; however, a small amount of infected systems resided in the U.S.

Tyupkin is an example for how criminals may exploit weaknesses in existing ATM infrastructures. First found on machines manufactured by NCR, the Tyupkin malware as well as the attack itself could work on any ATM with similar features. The scam is noteworthy for its brazenness and relative simplicity; but thanks to its very nature, it's also relatively easy for banks and ATM operators to protect themselves. Kaspersky recommends

  • Restricting physical access to ATMs, and placing them in well-lit areas controlled by surveillance systems
  • Installing security alarms and connecting ATMs to a central alarm system
  • Replacing all default locks on the machine as well as matching keys, including master keys
  • Changing the machines' BIOS passwords and
  • Ensuring they have up-to-date virus protection

Needless to say, it might also help to reconfigure the ATM so it doesn't boot from CD. Banks and ATM operators whose systems have been infected can download a virus removal tool from Kaspersky for free.


Comments on this article

No comments yet.

Please Login to leave a comment.