ATM Malware: ‘SUCEFUL’ malware locks ‘debit card’ in ATM

The ‘SUCEFUL’ ATM malware has been analyzed by FireEye and they have published an full report about the ‘SUCEFUL’ malware on their blog. The ATM malware is not new, the first version of ‘SUCEFUL’ was seen in 2013 and it was dubbed as Ploutus[1], PadPin[2] and Tyupkin by various antivirus companies.

The Ploutus family was active in Mexico and Russia, but in 2015 the ‘SUCEFUL’ malware was uploaded to VirusTotal and the FireEye researcher thinks that the ‘SUCEFUL’ malware might still be in development.

suceful malware screenshot

You can find the public ‘SUCEFUL’ malware by using the following ‘Backdoor.ATM.Suceful’  hashes:

  • 4bdd67ff852c221112337fecd0681eac
  • f74755b92ffe04f97ac506960e6324bb