SUCEFUL is a multi-vendor ATM malware that is capable of stealing cards inserted into ATM machines, disabling ATM sensors, and reading data from a debit card’s magnetic strip. SUCEFUL interacts with the ATM’s hardware via the XFS Manager and can be controlled by attackers from the PIN pad. Upon infection, the malware sends commands to read payment data including credit card name, account number, expiration date, and encrypted PIN.
Reporting and Technical Details:
- September 2015: SUCEFUL: Next Generation ATM Malware (FireEye)
Image Source: FireEye