New Linux Malware Targeting ATMs for Financial Fraud

A recent analysis reveals a new variant of the FASTCash malware, designed to compromise financial networks by manipulating payment transactions. Developed by threat actors potentially linked to North Korean hacking groups, this Linux version specifically targets Ubuntu 20.04 systems in ATMs. It intercepts declined magnetic swipe transactions and authorizes them with fraudulent amounts in Turkish Lira, removing security controls like PINs. The malware demonstrates evolving tactics aimed at exploiting vulnerabilities across various operating systems within the financial ecosystem.

Author: AlienVault

Related Tags: transaction, FASTCash, T1059.007, fraud, T1557, T1586, T1059.003, T1499, linux

Associated Indicators: