 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: Atmosphere| Names | Atmosphere | |
| Category | Malware | |
| Type | ATM malware | |
| Description | (Group-IB) To control the ATM dispenser, Silence uses a unique software called Atmosphere. Over time the Trojan has significantly evolved to address the needs of the criminals. For example, the developers have changed the logic of injection into processes and added the flexible injector, which has expanded the list of targeted ATMs. They have also removed the redundant features that interrupted the operation or were not used by the criminals. For example, the last version of the software didn’t process commands from the PIN pad and the generated log got smaller. In the initial stages, the software was recompiled a lot, which resulted in several unsuccessful cashout attempts. | |
| Information | <https://www.group-ib.com/resources/threat-research/silence_moving-into-the-darkside.pdf> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.atmosphere> | |
Last change to this tool card: 23 April 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Silence, Contract Crew | [Unknown] | 2016-Aug 2022 | |||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |