ATM-based malware can cause significant damage to end users; financial institutions, and targeted banks.
“Over the past 10 years, we have seen a steady increase in the number of ATM malware samples discovered. Still, the number of discovered samples is minimal compared to almost any other malware category,” Talos reported.
Based on the functions, ATM-based malware classified into virtual skimmers and cash dispensers. The Skimmers card data, transaction details, and PINs, whereas the Cash-dispensing malware is used by attackers to dispense cash from ATMs.
The generic framework used by ATM developers is CEN/XFS framework, which allows them to compile and run the code regardless of the ATM model or manufacturer.