Man arrested in Tyupkin malware cyber attack on UK ATMs

Police in Portsmouth have arrested a man in connection with ongoing cyber attacks on UK ATMs. The attacks have cost around £1.6 million.

The yet unnamed individual is allegedly part of an organised criminal group from Eastern Europe that has been targeting cash machines in London, Brighton and Liverpool.

The gang carried out their attacks by drilling holes in to ATMs and then inserting USB sticks containing the malware Tyupkin.

Detective Dave Strange commented: “An extensive, intelligence-led investigation has uncovered what we believe is an organised crime gang systematically infecting and then clearing cash machines across the UK using specially created malware.”

Cyber-enabled crime represents a major threat to our public and private sectors and to an increasing number of citizens. The only way to tackle this is by law enforcement and counter fraud agencies working in alliance, which is exactly what the London Regional Fraud Team and National Crime Agency (NCA) have done over several months, culminating in today’s arrest.

Security firm Kaspersky was the first to identify the malware. Vicente Diaz, principal security researcher at their Global Research and Analysis Team commented:  “Now we are seeing the natural evolution of this threat with cyber criminals moving up the chain and targeting financial institutions directly. This is done by infecting ATMs themselves or launching direct APT-style attacks against banks. The Tyupkin malware is an example of the attackers taking advantage of weaknesses in the ATM infrastructure.”

While you may think that this latest attack is of little significance to your business, it serves to reinforce how cyber attacks are becoming ubiquitous, with criminals targeting any weakness in any system.

How did this attack come about? Because cyber criminals found a weakness in a version of Windows being used on certain ATMs. Earlier this week we blogged about Microsoft’s warning about a vulnerability present in Microsoft OLE, which affects nearly all versions of Windows.

The point is this: if there is a weakness, it will be discovered.

Discover how secure your systems and networks are with a penetration test.