Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>SUCEFUL: the first multi-vendor ATM malware

SUCEFUL: the first multi-vendor ATM malware

Security experts have discovered a new strain of malware dubbed Suceful (Backdoor.ATM.Suceful) specifically designed to target ATMs. Malware designed to hack ATMs are not new as in the past security experts have already detected malicious codes used to make ATMs dispense cash, such as Ploutus or Tyupkin. The variant detected by FireEye appears to have been created on August 25. The SUCEFUL capabilities in Diebold or NCR ATMs include reading all the credit or debit card track data, reading data from the chip of the card Control of the malware via ATM PIN pad, retention or ejection of the card on demand. Similar to other ATM malware, SUCEFUL interacts with a middleware called XFS Manager which is the interface between the application and the peripheral devices (e.g., printer, dispenser, card reader, in pad).
Security Affairs
Team Cymru
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis