North Korean hackers are once again shaking up the world of cybercrime, this time by breaking into ATM networks running on Linux. In a chilling escalation of their capabilities, these digital thieves are now targeting the systems banks use to approve and process transactions, making off with millions in stolen funds, all without triggering alarms.
Using powerful malware known as FASTCash, these hackers sneak into the heart of a bank's transaction system. Imagine that a hacker sends a fake request for money from an ATM. Instead of being turned down, the request is approved: once FASTCash is in place, it changes messages that should decline the transaction into ones that give the green light. This lets the hackers withdraw cash from machines as if the transaction were legitimate.
These attacks have evolved over time. Initially, the hackers exploited older systems running AIX, a type of Unix, and later shifted to Windows-based infrastructure. Now they have set their sights on Linux, broadening their range to hit even more financial institutions. This malware poses a severe threat because it takes advantage of security flaws in payment processing systems, particularly where banks do not adequately verify the transactions between card issuers and merchants.
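A response that was rewritten on its way through the transaction system no longer matches what the issuer actually decided, so comparing the two records exposes it. The Python below is an added example, not part of the original article: it reconciles two constructed logs, assuming the issuer's decisions are recorded independently of the system that forwards responses; the CSV layout, field names and sample rows are assumptions, and 00, 51 and 55 are the ISO 8583 response codes for approved, insufficient funds and incorrect PIN.

```python
import csv
import io

# Constructed sample data, not taken from any real system.
# Columns: system trace audit number, masked PAN, amount, response code.
ISSUER_DECISIONS = """stan,pan,amount,rc
000101,411111******1111,200.00,00
000102,411111******2222,500.00,51
000103,411111******3333,800.00,55
"""
SWITCH_OUTBOUND = """stan,pan,amount,rc
000101,411111******1111,200.00,00
000102,411111******2222,500.00,00
000103,411111******3333,800.00,55
000104,411111******4444,900.00,00
"""

APPROVED = "00"


def load(text):
    """Index CSV rows by STAN so the two logs can be joined."""
    return {row["stan"]: row for row in csv.DictReader(io.StringIO(text))}


def reconcile(issuer_csv, outbound_csv):
    """Return (stan, finding) for every outbound response the issuer log does not back."""
    issuer = load(issuer_csv)
    findings = []
    for stan, out in load(outbound_csv).items():
        decided = issuer.get(stan)
        if decided is None:
            # The response left the switch but the issuer never ruled on it.
            if out["rc"] == APPROVED:
                findings.append((stan, "approval with no issuer decision"))
        elif decided["rc"] != out["rc"]:
            kind = ("decline rewritten as approval" if out["rc"] == APPROVED
                    else "response code mismatch")
            findings.append((stan, kind))
        elif decided["amount"] != out["amount"]:
            findings.append((stan, "amount mismatch"))
    return findings


if __name__ == "__main__":
    for stan, kind in reconcile(ISSUER_DECISIONS, SWITCH_OUTBOUND):
        print(stan, kind)
```

The check is only as trustworthy as the issuer-side record, which has to be written somewhere the compromised host cannot alter.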
The consequences are significant. These hackers, supported by North Korea's government, have taken billions in the last few years. Now that they are targeting Linux, the risk to worldwide banking systems has grown many times over.