Security Affairs
Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Rufus malware used to empty ATMs running outdated OS in India

Indian authorities are facing with the Rufus malware, a malicious code used to clean out ATMs running outdated Windows XP software across states. Many security firms and law enforcement agencies are warning of malware-based attacks against ATM. Recently 27 people have been arrested by the Europol for jackpotting attacks on ATM across many countries in Europe. […]

Rufus malware ATM India

Indian authorities are facing with the Rufus malware, a malicious code used to clean out ATMs running outdated Windows XP software across states.

Many security firms and law enforcement agencies are warning of malware-based attacks against ATM. Recently 27 people have been arrested by the Europol for jackpotting attacks on ATM across many countries in Europe.

Last threat spotted in the wild is the Rufus malware, it is a Chinese malicious code that could be used to compromise ATMs. Indian authorities have observed numerous cyber attacks leveraging this threat. Reports of cyber heists come from West Bengal, Gujarat, Odisha, and Bihar.

The Rufus malware could be used to hack only ATMs running outdated software, all the ATMs targeted by crooks were found to be still using the old versions of Windows XP.

According to The Dailymail, the first attack was reported in Odisha city, the police are working with cyber experts to identify cyber criminals.

Rufus malware ATM India

The crooks use to target unguarded ATMs nighttime, they infect the system with a pen drive that is inserted into the USB port. Once the malware has infected the ATM, it would restart the system interrupting the connection with the service provider’s servers.

The Rufus malware generates a code after it infected the system, the code is then sent back to the crooks that convert it into a password. Every time the password is entered, the ATM releases the money.

“The malware when used on an ATM generates a code, which the crooks send to their gang members, who convert the code to a password, and as soon the password is applied the ATM dispenses cash,'” reported The DailyMail.

“The officer said banks would not immediately learn about the crime as crooks bypass the server and the hackers swiftly walk away without raising an alarm.”

Of course, such kind of attack is the result of the lack of adequate security measures for ATMs, it is expected that the Indian Government will force ATM manufacturers to upgrade the system running on their machines.

“The government and RBI should make ATM manufacturers compulsorily install new and robust operating systems,” said Mumbai-based cyber lawyer and expert Prashant Mali.

“‘If the government plans to increase the number of ATMs, then it should ensure that they are available whenever needed.”

 ATM vendors denied the existence of any security loopholes or other vulnerabilities exploited by cyber criminals.

The Reserve Bank of India is working closely with National Payment Corporation of India to instruct the banks on how to enhance their security.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Rufus Malware, ATM)

[adrotate banner=”13″]