Technology is a useful servant but a dangerous master. — Christian Lous Lange

Technology has made our lives easy, but everything that makes life easy has both pros and cons. Malware attacks on ATMs have become common these days. Let me introduce you to a new piece of malware, ATMii, reported by Kaspersky Lab.

What is ATMii malware?

ATMii is also known as Backdoor.Win32. ATMii is malware developed by malicious hackers. It attacks ATMs running Windows 7 and Windows Vista and can drain them of all their cash.

When was ATMii discovered?

ATMii malware came to notice in April 2017, when a few Kaspersky research analysts found it after an affected bank gave a sample to the technical team at Kaspersky Lab.

How does ATMii malware work?

This malware has two modules, exe.exe and dll.dll. The former is the injector module and the latter is the module to be injected. To do this, the attacker can communicate with the ATM either over a network or physically through a USB port.

How to protect against ATMii malware?

Kaspersky researcher Konstantin Zykov said that banks must secure any physical access to the ATM so that attackers cannot use its USB ports.

Many ATMs run Windows XP, but this threat targets only those running Windows 7 and Windows Vista.

The most interesting fact identified by Zykov is that the malware has only three commands to carry out its notorious operations. The Scan command scans the ATM's cash cassettes to get the complete list of bills stored in the machine at that particular time. Through the Disp command, attackers can dispense as much cash as they wish, and with the Die command, attackers can instruct the malware to remove itself.