BTC $57054.0562
ETH $3243.0497
BNB $394.9600
SOL $108.4177
XRP $0.5865
stETH $3239.3493
ADA $0.6239
AVAX $39.2702
DOGE $0.0977
TRX $0.1428
wstETH $3750.7519
DOT $8.3691
LINK $19.0300
WETH $3348.6813
MATIC $1.0282
UNI $10.8579
WBTC $56903.9273
IMX $3.3452
ICP $13.0217
BCH $292.5040
LTC $74.0124
CAKE $3.1570
ETC $28.0992
LEO $4.3640
FIL $7.6578
KAS $0.1689
RNDR $7.2011
DAI $1.0000
ATOM $11.2097
HBAR $0.1082
INJ $40.1071
VET $0.0489
TON $2.1280
OKB $51.4855
FDUSD $0.9985
LDO $3.4670
STX $2.9465
XMR $135.8398
XLM $0.1230
ARB $1.8948
NEAR $3.9608
TIA $17.0031
WEMIX $2.3756
GRT $0.2795
ENS $22.1963
MKR $2154.9330
APEX $2.3329
BTC $57054.0562
ETH $3243.0497
BNB $394.9600
SOL $108.4177
XRP $0.5865
stETH $3239.3493
ADA $0.6239
AVAX $39.2702
DOGE $0.0977
TRX $0.1428
wstETH $3750.7519
DOT $8.3691
LINK $19.0300
WETH $3348.6813
MATIC $1.0282
UNI $10.8579
WBTC $56903.9273
IMX $3.3452
ICP $13.0217
BCH $292.5040
LTC $74.0124
CAKE $3.1570
ETC $28.0992
LEO $4.3640
FIL $7.6578
KAS $0.1689
RNDR $7.2011
DAI $1.0000
ATOM $11.2097
HBAR $0.1082
INJ $40.1071
VET $0.0489
TON $2.1280
OKB $51.4855
FDUSD $0.9985
LDO $3.4670
STX $2.9465
XMR $135.8398
XLM $0.1230
ARB $1.8948
NEAR $3.9608
TIA $17.0031
WEMIX $2.3756
GRT $0.2795
ENS $22.1963
MKR $2154.9330
APEX $2.3329
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • New FiXS virus found infecting Windows ATMs

    Malicious software causes an ATM to “spit out” cash.

    Cybersecurity company Metabase Q has discovered a new strain of malware called FiXS that targets Windows-based ATMs. The strain was discovered in Mexican banks in early February 2023.

    FiXS is controlled via an external keyboard and can infect any ATM that supports the CEN/XFS (eXtensions for Financial Services) standard. The exact method of compromise remains unknown, but experts suggest that attackers interact with the ATM through an external keyboard.

    FiXS is also reported to be similar to another strain of ATM malware called Ploutus, which allows cybercriminals to extract cash from ATMs using an external keyboard or by sending an SMS message.

    The sample parsed by Metabase Q is delivered via the Neshta dropper application (conhost.exe), written in Delphi and first discovered in 2003.

    One notable feature of FiXS is its ability to dispense money 30 minutes after the last ATM reboot using the Windows GetTickCount API. To get money from an ATM, money mules are used to pick it up and deliver it to the criminals.

    It is worth noting that FiXS is not the only malware targeting peripheral devices for financial transactions. In September 2022, Kaspersky Lab analysts discovered 3 new versions of Prilex malware targeting PoS terminals.

    Prilex appeared in 2014 and first attacked ATMs, and in 2016 moved PoS devices (Point-of-Sale). Development and distribution peaked in 2020, but the malware disappeared in 2021. However, according to experts, during this time, Prilex operators have developed a more sophisticated and destructive version of the malware.

    Author DeepWeb
    Transparent Tribe hackers distribute CapraRAT via messaging Trojans
    'Hacker hoodie' can blind security cameras

    Comments 0

    Add comment