SYMBOLCOMMON_NAMEaka. SYNONYMS
jar.javadispcash (Back to overview)

JavaDispCash

JavaDispCash is a piece of malware designed for ATMs. The compromise happens by using the JVM attach-API on the ATM's local application and the goal is to remotely control its operation. The malware's primary feature is the ability to dispense cash. The malware also spawns a local port (65413) listening for commands from the attacker which needs to be located in the same internal network.

References
2019-11-29Github (fboldewin)Frank Boldewin
Libertad y gloria - A Mexican cyber heist story - CyberCrimeCon19 Singapore
JavaDispCash
2019-03-28Twitter (@r3c0nst)Frank Boldewin
Tweet on JavaDispCash
JavaDispCash

There is no Yara-Signature yet.