Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
It is a commonly held myth that ATM machines are not vulnerable to the type of malware infections that plague other endpoint systems because they are more isolated from their network and end user interactions. While this makes them more difficult to infect, there is ample evidence that determined criminals are able to overcome these obstacles to succeed with ATM malware breaches.
In 2013, the researchers at the annual Chaos Computing Congress in Hamberg reported that hackers were able to infect cash machines at an unnamed bank by cutting a hole in the machine and transferring malware from a USB into the system. The hackers covered their tracks by patching the holes and the banks only learned of the breach when they discovered that the machines had been emptied of cash.
The software the hackers used did not rely on identifying any specific customer account or account information. It identified the quantities of the various currency denominations and allowed the criminals to simply withdraw the currency by denomination.
In March 2014, malware that targets ATM Machines dubbed Ploutus was identified. Because the hackers need to physically access the machine, it is has been seen primarily on standalone ATM machines, such as found at retail stores. Ploutus allows the hackers to control the machine and withdraw an unlimited amount of cash. A recent version of the malware allows the hackers to control it remotely using text messages. This requires the hackers setting up a mobile phone within the machine.
Not all malware found infecting ATMs requires physical access to the machine. Some get into the machine through vulnerabilities in the institutions network security to deposit the malware on the endpoint itself. In 2013, the malware called “Dump Memory Grabber” was identified as infecting POS and ATMS stealing credit card data. The malware is able to scan the memory of ATMs to obtain the card data
According to the security firm Group-IB the malware may have been use to steal card data at major US banks, including Chase, Capitol One and Citibank. It may be small comfort, but Group-IB believes that “Dump Memory Grabber” was being spread by “insiders” who had authorized access to the targeted endpoints.
While organizations attempt to isolate them from their network and limit access via a user interface, an ATM is simply an endpoint computer that is not much different than your common desktop. In fact, most ATMs use the Windows operating system that is the favorite target platform of hackers and fraudster.
When Microsoft discontinued security updates for Windows XP in April of this year, most ATMs were still using the venerable OS first introduced in 2001. Unsupported operating systems are a prime target for hackers.
No matter how secure you think your ATM is, hackers have proven that they can defeat any conventional approach. As the examples on the prior page indicate, hackers can infect your ATM with malware by:
The safest assumption for ATM Security is to assume that detection will fail. Your application must be able to operate safely in an already infected environment. This why Comodo invented a unique solution called SecureBox.
Comodo SecureBox is not endpoint protection. It is a fortress where your application software can run safely and communicate securely on a compromised machine. Like a medieval castle, it provides safe harbor in an increasingly hostile landscape.
Learn more about SecureBox
Free ITSM Software
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
See how your organization scores against cybersecurity threats