Security Alerts & News
by Tymoteusz A. Góral

History
#791 Updated Skimer malware infects ATMs worldwide
Researchers from Kaspersky Labs warn that the Skimer malware, first spotted in 2009, is once again infecting ATM machines worldwide. An improved version of Backdoor.Win32.Skimer has been discovered infecting machines worldwide. The new Skimer allows criminal access to card data, including PIN numbers, as well as to the actual cash located in the machine.

The malicious installers use the packer Thermida to disguise the Skimer malware which is then installed on the ATM. If the ATM file system is FAT32, the malware drops the file netmgr.dll in the folder C:\Windows\System32. If the ATM has an NTFS file system, netmgr.dll is placed in the executable file of the NTFS data stream, which makes detection and analysis of the malware more difficult.

Unlike other skimming malware programs, like Tyupkin, which becomes active in a specific time frame and is awakened by a ‘magic code’, Skimer may lie dormant for months until it is activated with the physical use of a ‘magic card.’ The magic card gives access control to the malware, which then offers a list of options that are accessed by inputting a choice on the pin pad.
Read more
#801 Master decryption key released for TeslaCrypt ransomware
#800 France DGSE: Spy service sets school code-breaking challenge
#799 Archive of historic BT 'email' hack preserved
#798 Robin Hood hacker donates $11,000 of stolen bitcoin to help fight ISIS
#797 Google fights French 'right to be forgotten' order
#796 Android Qualcomm vulnerability impacts 60 percent of devices
#795 ESET releases new decryptor for TeslaCrypt ransomware
#794 Ransomware activity spikes in March, steadily increasing throughout 2016
#793 Magento – unauthenticated remote code execution
#792 Foreign hackers may be targeting presidential candidates
#791 Updated Skimer malware infects ATMs worldwide
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12