Ready-made tools to hack ATMs now trending on dark web.


The dark web is the part of the internet that isn't visible to search engines and can only be accessed with an anonymizing browser called Tor.



It would take even an amateur barely 15 minutes to hack an ATM nowadays, given the plethora of advanced tools and devices available on the dark web for that purpose.

Earlier, it would require a professional hacker to know at least the basics of such tools to be able to pull off an ATM heist. But now a startup called CloudSEK has discovered that dark web sellers are offering ready-made tools, such as malware cards and USB ATM malware cards, which are really easy to use.

Commenting on this, Rakesh Krishnan, a security researcher at CloudSEK, said: “Earlier, these were slightly complicated; now with these devices, anybody can control such machines.” Krishnan learnt about the state-of-the-art hacking tools after posing as a buyer to find out about the latest devices available, The Economic Times reported.

One such seller offered him a complete package comprising an ATM malware card, a PIN descriptor, a trigger card, and even an instruction guide. Once installed, the malware card automatically reads all card details, and money can then be withdrawn from the victim’s account using the trigger card. The seller also offered Krishnan other ATM hacking devices, such as an EMV skimmer, a GSM receiver, an ATM skimmer and a deep insert.

ATMs can also be hacked by infecting them from a USB drive that carries malware. Moreover, ATM hacking tutorials are available on the dark web for a mere $100. Krishnan added: “ATM machines over the world are built in similar ways using similar software, so these malwares sell easily.”

This malware usually targets systems that run Windows XP. Moreover, an attacker need not be in physical contact with an ATM to hack it. Ploutus-D is one such piece of malware: it lets anyone control hardware devices to dispense cash from an ATM in no time.


Dark Web and ATM Hacking

The dark web, which is a component of the deep web, is the breeding ground for online as well as offline criminal activities. Though most of us have a general understanding of the dark web, we are still unaware of the specific activities it facilitates and how it affects us on a daily basis.

ATMs are a common part of our everyday lives, yet we know little about how they can be exploited by even the most novice attackers. At CloudSEK, we have unearthed a range of techniques and devices that are used and sold on the dark web for the purpose of hacking ATMs.

There used to be a time when hacking an ATM required sophisticated skills and tools. Not anymore. We have encountered amateurs with rudimentary skills who have hacked ATMs using the tools and tutorials available on dark web marketplaces. This is possible because the devices sold on the dark web come with detailed instruction manuals. Most of these devices can also be operated remotely, using an antenna, to target systems that run on basic Windows XP.

ATM Malware Card

On the dark web, anybody can buy an ATM Malware Card that comes with a PIN Descriptor, a Trigger Card and an Instruction Guide. The guide provides step-by-step instructions on how to use the card to dispense cash from ATMs. Once the ATM Malware Card is installed in the ATM, it captures the card details of all the customers who subsequently use the ATM. The Trigger Card is then used to dispense cash from the ATM.

(Fig.1: Screenshot of dark web shopping site: ATM Malware Card with product description)

The image above shows the product description provided on dark web marketplaces to advertise the card's features and benefits. This malware mainly targets ATMs that run on Windows XP. The card is capable of drawing out all the money available in the affected machine, which could amount to as much as $500,000. The product description is so detailed that even a layman can use it to hack an ATM.