A new jackpotting scam, a scheme that frees cash from ATMs remotely, was discovered by Kaspersky researchers last week. Called WinPot, the malicious campaign uses malware marketed on the Internet black market that can trick the machine's software into cash withdrawals.
READ: Attack causes ATM to release all money; understand
Although the method is not new, the virus catches the eye for the look similar to slot machines. In addition, the software is selling on the deep web, according to Kaspersky, and is much easier to use than similar software already known.
Kaspersky Unveils New Malware That Steals Money From ATMs Photo: Disclosure / Kaspersky
Want to buy a cell phone, TV and other discounted products? Meet the Compare dnetc
The WinPot program invades the operating system that drives the ATM to scour the locker storage drawers. Each drawer holds banknotes of different values, so malware can count them to tell the criminal which accumulates the largest amount at the moment.
Unlike older malicious software, which required more time to get in on the action and give you access to stolen money, WinPot has easy-to-use slot-style buttons. For example, the command is for the ATM to hand over the spin codes as the motion to activate the machine of chance.
In theory, malware speeds up the work of mules, as scammers who go to the ATM to collect the stolen money are called. According to Kaspersky, WinPot can be found selling on illegal commerce sites on a Darknet (deep web that forms the deep web deep within the deep web) for between $ 500 and $ 1,000 (on average $ 1,950 to about R $ 4 thousand in direct conversion).
It is important to note if the ATM does not have something strange and out of place. Photo: Pond5
Kaspersky does not report whether there have ever been any use cases of WinPot at ATMs in Brazil. But as software is easily accessible by any criminal, it is important to beware. Recommendations include avoiding ATMs in public places and giving preference to machines within bank branches.
It is also important to check if there are any foreign devices connected to the automated teller machine, such as spare keyboards or cameras. Therefore it is also essential to protect your hands when entering passwords to prevent the action of any prowl. I need to check and avoid machines that display messages with portugus errors or system failure. Another important precaution is to activate SMS alerts with the bank with constant updates on withdrawals and other account movements.
What jackpotting? Ask questions on the dnetc forum.
What ransomware: five tips to protect yourself