Driver Vulnerabilities Facilitate Attacks on ATMs, PoS Systems

Driver vulnerabilities can facilitate attacks on ATMs, point-of-sale (PoS) systems and other devices, firmware security company Eclypsium warned on Monday.


Eclypsium last year analyzed device drivers from major vendors and found that over 40 drivers made by 20 companies contained serious vulnerabilities that could be exploited to deploy persistent malware.


The firm now warns that the Windows drivers used in ATMs and PoS devices can be highly useful to threat actors targeting these types of systems.


A significant number of ATM malware families emerged over the past years, including the ones known as Skimer, Alice, CUTLET MAKER, Ploutus, Tyupkin, ATMJackpot, Suceful, RIPPER, WinPot, PRILEX, ATMii and GreenDispenser. Many of these pieces of malware allow their operators to conduct so-called “jackpotting” attacks, where the attacker instructs the targeted ATM to dispense cash.


According to Eclypsium, vulnerabilities affecting the drivers running on ATMs or PoS devices could allow attackers to escalate privileges and gain “deeper access” into the targeted system.


“By taking adv ..