Severity
Medium
Analysis Summary
FASTCash’s capability to manipulate AIX servers running a bank’s switch application to intercept financial request messages and reply with fraudulent but legitimate-looking affirmative response messages to enable extensive ATM cash outs. The newly identified malware provides FASTCash the additional capability to intercept and manipulate financial messages processed on a Windows server.
Impact
Fraudulent Transactions
Indicators of Compromise
Filename | vspmvc.dll |
Malware Hash (MD5/SHA1/SH256) | A2B1A45A242CEE03FAB0BEDB2E460587 |
Remediation