BTC $51524.6928
ETH $3102.2833
BNB $384.2776
SOL $103.2311
XRP $0.5405
ADA $0.5849
AVAX $36.9511
TRX $0.1377
DOGE $0.0856
wstETH $3587.3896
LINK $18.6494
DOT $7.8438
WETH $3100.0078
UNI $11.0945
MATIC $0.9971
WBTC $51554.8458
IMX $3.3401
ICP $12.4013
LTC $70.0025
BCH $266.3236
CAKE $3.1426
FIL $8.1456
ETC $27.0947
RNDR $7.2587
DAI $1.0009
KAS $0.1676
HBAR $0.1071
ATOM $10.3461
INJ $35.4309
VET $0.0467
TON $2.0697
OKB $50.3127
FDUSD $0.9994
LDO $3.3633
GRT $0.3004
ARB $1.8920
XMR $128.8577
TIA $16.5811
XLM $0.1156
STX $2.5143
ENS $22.4126
NEAR $3.6605
APEX $2.4601
WEMIX $2.0774
MKR $2060.5410
BEAM $0.0332
MNT $0.8950
BTC $51524.6928
ETH $3102.2833
BNB $384.2776
SOL $103.2311
XRP $0.5405
ADA $0.5849
AVAX $36.9511
TRX $0.1377
DOGE $0.0856
wstETH $3587.3896
LINK $18.6494
DOT $7.8438
WETH $3100.0078
UNI $11.0945
MATIC $0.9971
WBTC $51554.8458
IMX $3.3401
ICP $12.4013
LTC $70.0025
BCH $266.3236
CAKE $3.1426
FIL $8.1456
ETC $27.0947
RNDR $7.2587
DAI $1.0009
KAS $0.1676
HBAR $0.1071
ATOM $10.3461
INJ $35.4309
VET $0.0467
TON $2.0697
OKB $50.3127
FDUSD $0.9994
LDO $3.3633
GRT $0.3004
ARB $1.8920
XMR $128.8577
TIA $16.5811
XLM $0.1156
STX $2.5143
ENS $22.4126
NEAR $3.6605
APEX $2.4601
WEMIX $2.0774
MKR $2060.5410
BEAM $0.0332
MNT $0.8950
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • New FiXS virus found infecting Windows ATMs

    Malicious software causes an ATM to “spit out” cash.

    Cybersecurity company Metabase Q has discovered a new strain of malware called FiXS that targets Windows-based ATMs. The strain was discovered in Mexican banks in early February 2023.

    FiXS is controlled via an external keyboard and can infect any ATM that supports the CEN/XFS (eXtensions for Financial Services) standard. The exact method of compromise remains unknown, but experts suggest that attackers interact with the ATM through an external keyboard.

    FiXS is also reported to be similar to another strain of ATM malware called Ploutus, which allows cybercriminals to extract cash from ATMs using an external keyboard or by sending an SMS message.

    The sample parsed by Metabase Q is delivered via the Neshta dropper application (conhost.exe), written in Delphi and first discovered in 2003.

    One notable feature of FiXS is its ability to dispense money 30 minutes after the last ATM reboot using the Windows GetTickCount API. To get money from an ATM, money mules are used to pick it up and deliver it to the criminals.

    It is worth noting that FiXS is not the only malware targeting peripheral devices for financial transactions. In September 2022, Kaspersky Lab analysts discovered 3 new versions of Prilex malware targeting PoS terminals.

    Prilex appeared in 2014 and first attacked ATMs, and in 2016 moved PoS devices (Point-of-Sale). Development and distribution peaked in 2020, but the malware disappeared in 2021. However, according to experts, during this time, Prilex operators have developed a more sophisticated and destructive version of the malware.

    Author DeepWeb
    Transparent Tribe hackers distribute CapraRAT via messaging Trojans
    'Hacker hoodie' can blind security cameras

    Comments 0

    Add comment