Hackers in Pakistan can steal cash from ATMs without a card using sophisticated malware attacks. The Ploutus malware enables unauthorized cash withdrawals and cardless ATM attacks, putting banks and customers at risk. According to a recent 1LINK advisory, malware targeting ATMs allows cybercriminals to control machines remotely without touching customer accounts. This method is part of a growing trend in banking cybercrime in Pakistan.
How Hackers Exploit ATMs
The Ploutus malware allows attackers to bypass standard ATM safeguards. Malware deployment involves copying malicious software onto an ATM’s storage or replacing it entirely. Once installed, it can trigger ATM jackpotting, forcing large sums of cash to be released. Digital indicators of ATM malware include suspicious .exe files, unauthorized remote access, and abnormal autorun programs. Windows OS ATM malware is especially vulnerable due to outdated systems in several banks.
Banks’ Response and Security Measures
To combat this threat, banks are improving ATM network security and implementing endpoint detection and banking systems. ATM security upgrades include disk encryption, firmware integrity checks, memory protection on ATMs, and device whitelisting on ATMs. Audit policies, ATM, are strengthened to track unauthorized access. ATM monitoring tools and preproduction ATM security testing help prevent ATM malware infection.
Protecting Customers and ATMs
Customers should monitor transactions and report suspicious activity immediately. Banks recommend ATM software whitelisting, USB and external storage control, and installing ATM access sensors and cameras. Maintaining gold images of ATMs ensures secure deployment. These measures reduce large-scale ATM fraud and protect banking customer risk.
Hackers in Pakistan can steal cash from ATMs without a card, but vigilance, advanced security measures, and regular audits can mitigate threats effectively.
