The traditional way of milking dry a bank's automated teller machine (ATM) was to blow it up. Literally, steel and everything... but there's a new kid on the block. Modern criminal gangs around the world have now figured out that deploying ATM malware is an easy shortcut to jackpot up to the latest banknote inside. In this talk, we describe all the reasons that have led the criminals to develop their new golden goose, the strategies they use and each of the main malware families in this new battlefield as well as the criminal organizations responsible for this new threat. The challenge these malware writers face is accessing the special hardware of these machines: pinpad, card reader and the cash cassettes. Different malware families solve this their own particular way. The paper describes each family in detail as well as the geographical area it comes from. An overview of the criminal organizations behind these threats is presented. We will conclude with some lessons learned and recommendations on how to protect these very special machines.

About the Speaker:
David Sancho joined Trend Micro in 2002, having fulfilled a variety of technical security-related roles. Currently, his title is Senior Anti-Malware Researcher, and he specializes in web threats and other emerging technologies. In his more than 17 years of experience in the security field, David has written and published a number of research papers on malware tendencies, has been featured in the media, and has participated in customer events where he has presented on business issues and malware-related topics. His interests include web infection methods, vulnerability exploitation, and white-hat hacking in general.