GreenDispenser ATM Malware Alert
FOR IMMEDIATE RELEASE:
New Report of GreenDispenser ATM Malware
Anoka, MN – September 25, 2015 – A recent NCR Security Update advised there have been attacks of a new variant of ATM malware called GreenDispenser. The financial that was attacked states that GreenDispenser interacts with XFS middleware to be able to interface with the pinpad and cash dispenser, which means it is likely it is using published CEN XFS interfaces. At this time, NCR has not received any other reports that this malware has been used to compromise ATMs, so the attack vector is unknown at this time.
The NCR Corporation has been working diligently with the affected financial institution and their infected ATMs to remove any trace of the uploaded malware. An updated stinger DAT file will be made available to identify and remove this malware, if found on an ATM. In addition, they are applying the recommended security provisions that are outlined in this release.
The NCR Corporation and Case Financial highly recommend that all ATM owners and operators engage in immediate proactive efforts to arm their deployments with the highest level of security available to thwart these types of malware attacks before they hit the United States.
NCR Recommendations Delivered by Case Financial
Key mandatory requirements include:
- Apply a robust administrator password
- Ensure AUTORUN has been fully and effectively disabled
- Deployment of Hard Disc Encryption to prevent unauthorized files from being loaded on the ATM.
- Deploy only PCI compliant firmware in the EPP
- Deploy an effective anti-virus mechanism – NCR Recommends active whitelisting applications which go beyond traditional anti-virus programs – specifically the deployment of Solidcore Suite for APTRA.
- Solidcore Suite is necessary to allow notification alerts to be sent for malware attacks performed when the ATM Hard disk is offline. Solidcore Standalone will prevent online attacks.
If you are interested in more information about any of the remedies or recommendations seen here, please feel free to contact a member of our team Toll Free at 1.877.728.9627 or Mike@CaseFi.com.
See all news
Featured Industry News
Save the Date – Hackers & Smackers Golf 7/25!
Save the Date for Monday, July 25 at the Oak Marsh Golf Course! Registration will be open mid-May. Stay tuned for more details! ...
New Card Skimmer Used in Successful Attacks in US
As a certified NCR partner, Case Financial has been notified of recent card skimming attacks on ATMs in the US. We want to ensure our clients are aware to help...
32nd Annual Hackers & Smackers Golf Scramble
A great big thank you to everyone who helped make the 2021 Hackers & Smackers Golf Scramble a huge success! Case Financial was very excited to host the 32nd annual...