+7 (495) 967-14-51 

 Contacts   Sitemap  
Language:  Russian English     Search: 
Main page  →  Company  →  News & Events  →  2014
About Us
News & Events
Press Center




New ATM Trojan called Tyupkin helped in stealing millions of dollars

Tyupkin, new banking Trojan capable of dispensing cash directily from infected ATM, was detected in Eastern Europe according to the Kaspersky Lab blog post. Malware installed from the bootable CD after criminals gain physical access to the ATM lets them dispense cash without using any plastic card.

New Trojan’s capabilities look close to those of already well known ATM malware called Ploutus. After being installed on the device Tyupkin disables antivirus software such as McAfee Solidcore used in Kaspersky Lab example and waits for specific input from PIN keyboard. Among other features are standby mode with automatic activation and Sunday and Monday nights and the ability to shut down the ATM network connection in case of emergency.

In order to dispense cash the cybercriminal needs to know the Trojan menu , enter the necessary commands and special session key generated by formula that works as a kind of two-factor authentication. Then the cash is dispensed, 40 banknotes at the time. Following this scheme criminals have managed to dispense hundreds of thousands of dollars without attracting any attention.

“Appearance of new ATM Trojans capable of directly dispensing cash from infected devices is only logical”, says Denis Gasilin, head of marketing in SafenSoft, company developing information security solutions for self-service devices. “This “new guy” has a good debut – it already infected ATMs in Russia, USA and even Malaysia. It’s hard to say for sure if it’s just a Ploutus modification or completely new product from some cybercriminal group, but it doesn’t really matter since any ATM without software integrity preservation solution installed will be affected in just the same way”.


October 10, 2014

All news  |  Print this page

August 08, 2014 

December 04, 2014 


Computer security: Information security solutions | Host Intrusion Prevention System (HIPS) | Endpoint protection | The best virus protection | Whitelisting | Application Integrity Control | Comprehensive Malware Protection | Application protection | Windows Startup / Registry Protection | Online banking security | Online payment protection | Data leakage prevention (DLP) | Information security in medicine
2009-2018, Safe’N’Sec Corporation. Privacy policy