The alert was exposed by Kaspersky Lab researchers, after detecting publications that commercialized the software ready to be used. The program, as mentioned, is sold by providing a brief description, a detailed manual of its operation and a set of tools specially designed to target specific vendor models. Malware does not directly affect bank customers but it is intended to trick ATMs into releasing their content without authorization. Among the tools mentioned is Tyupkin, a software that became popular in 2014 (mainly in Europe) after affecting the operation of the cashiers whose operation depended on Windows, and was central to the subsequent jackpotting attacks. Although ATMs, or ATM (Automated Teller Machine), have particular electronic subsystems, they are still controlled by computers and operating systems behind. The toolkit includes: Cutlet Maker, the malware in question, main in the suite; Stimulator, an application to collect cashier states; and c0decalc, a terminal for generating passwords. According to Kaspersky researchers, the modus operandi suggests that two people perform the process, in roles called “drop” and “drop master”. The price of the toolkit was listed USD $5,000 at the time of the investigation. So, what do you think about this? Simply share your views and thoughts in the comment section below.
