Skimer

Description

(Kaspersky) Unlike Tyupkin, where there was a magic code and a specific time frame where the malware was active, Skimer only wakes up when a magic card (specific Track 2 data, see IOCs at the bottom of this blogpost) is inserted. It is a smart way to implement access control to the malware’s functionality.

Names

Name
Skimer

Type

ATM malware

Information

https://securelist.com/atm-infector/74772/
https://nakedsecurity.sophos.com/2009/03/17/credit-card-skimming-malware-targeting-atms/
https://nakedsecurity.sophos.com/2009/03/18/details-diebold-atm-trojan-horse-case/
https://www.wired.com/images_blogs/threatlevel/2009/06/trustwave-security-alert-atm-malware-analysis-briefing.pdf
https://www.wired.com/2009/06/new-atm-malware-captures-pins-and-cash/
https://documents.trendmicro.com/assets/white_papers/wp-cashing-in-on-atm-malware.pdf

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.skimer

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:skimer

Other Information

Uuid

55d489e5-23be-425f-9159-78ef1d3ad502

Last Card Change

2021-04-24

Threat Intelligence Garden

Explorer

Skimer

Skimer

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks