As you may know, fileless malware uses legitimate tools on ATM machines, permitting hackers to install viruses on the RAM memory, which disappear after the first reboot. These non-malware attacks permit the users to gain access on existing software, initiate allowed protocols without downloading any malicious file.
Recently, Kaspersky’s Sergey Golavanov discovered that two Russian banks were targeted by such an attack, the hackers stealing $800.000 in a single night.
The ATMs did not have any malware installed on them and the CCTV cameras have recorded the hacker leaving with stacks of bills, as if it was normal. In less than 20 minutes, the hacker took $100.000 worth of cash. The only clue left behind was a log file, which included one line in English: “Take the money.”
This type of attack gets more and more frequent, according to Kaspersky, fileless attacks have targeted more than 140 backs in Europe, United States and elsewhere, but the full details of the technique are not yet known.