Your browser is obsolete!

The page may not load correctly.

  • add to favourites
    Add to Bookmarks

ATM Trojans

Read: 1221 Comments: 1 Rating: 43

ATM Trojans are special malicious programs designed to infect embedded devices (ATMs, payment terminals, etc.) in order to steal money from cardholders.

Using this malware, cybercriminals ascertain the bank card information and PIN codes of their victims. Once they have acquired the necessary data, they can completely deplete compromised card accounts.

To steal money using ATM Trojans, cybercriminals exploit:

  • vulnerabilities in specially designed operating systems for embedded systems;
  • well-known ATM security loopholes;
  • the absence of anti-virus protection on most devices or the fact that an anti-virus in use is insufficiently updated.

With few exceptions, ATM users are unaware that special malware can invade ATM software. In upcoming issues, we will describe how cybercriminals pull this off.

It's hard to believe, but even some bank IT professionals with whom Doctor Web’s employees have had conversations about ATM Trojans think that ATM Trojans are extremely rare, if they exist at all—and to them, the risk involved is minor and can be ignored!

Dr.Web recommends

If money suddenly disappears from your account, you probably won’t make the connection that the ATM you used was infected (i.e., with an ATM Trojan).

One particularly unpleasant feature of ATM Trojans is that users can do nothing to protect themselves from their actions.Anti-viruses don’t exist for credit cards, and, therefore, in this case, it’s an “every man for himself” situation.

But, despite the pessimism of our conclusion, we recommend:

  1. Before opening a bank account, find out whether the bank’s ATMs are protected by an anti-virus, and if so, try to withdraw money only from that bank’s ATMs.
  2. Be prepared for such an incident to occur — keep the bank’s contact information at hand (or know exactly where to find it) so that suspicious transactions or your card can be blocked.
  3. If you become a victim of an ATM Trojan, you can learn how to get your money back in the Legal Section on Doctor Web's site.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.


Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.