Leaked ATM manual allows hackers to steal millions

Stolen cash from ATMs in various parts of the world this year might have been abetted by a leaked programming manual for interacting with the physical components of automated teller machines.


Kaspersky Lab reported Tuesday that at least 50 ATMs in Eastern Europe and elsewhere have been infected with a malware program dubbed Tyupkin. The malware allows hackers to control the ATM's through the machines’ keypads to dispense bills stored in their cassettes. It’s believed that Tyupkin was used to steal millions.

The question is how did the hackers figure out the keypad code? The answer was eventually found in a programmer’s reference manual from NCR, a U.S. manufacturer of ATMs, point-of-sale devices and self-service kiosks, that was posted on an e-book site owned by Chinese online search company Baidu.

The researchers said: “The documentation is helpful enough to give programmers some sample code as well."