SYMBOLCOMMON_NAMEaka. SYNONYMS
jar.javadispcash (Back to overview)

JavaDispCash


JavaDispCash is a piece of malware designed for ATMs. The compromise happens by using the JVM attach-API on the ATM's local application and the goal is to remotely control its operation. The malware's primary feature is the ability to dispense cash. The malware also spawns a local port (65413) listening for commands from the attacker which needs to be located in the same internal network.

References
2019-11-29Github (fboldewin)Frank Boldewin
@online{boldewin:20191129:libertad:974f5d8, author = {Frank Boldewin}, title = {{Libertad y gloria - A Mexican cyber heist story - CyberCrimeCon19 Singapore}}, date = {2019-11-29}, organization = {Github (fboldewin)}, url = {https://github.com/fboldewin/Libertad-y-gloria---A-Mexican-cyber-heist-story---CyberCrimeCon19-Singapore}, language = {English}, urldate = {2019-12-17} } Libertad y gloria - A Mexican cyber heist story - CyberCrimeCon19 Singapore
JavaDispCash
2019-03-28Twitter (@r3c0nst)Frank Boldewin
@online{boldewin:20190328:javadispcash:8899167, author = {Frank Boldewin}, title = {{Tweet on JavaDispCash}}, date = {2019-03-28}, organization = {Twitter (@r3c0nst)}, url = {https://twitter.com/r3c0nst/status/1111254169623674882}, language = {English}, urldate = {2020-01-06} } Tweet on JavaDispCash
JavaDispCash

There is no Yara-Signature yet.