Recently, a cyber threat actor has been observed deploying a previously unknown rootkit targeting Oracle Solaris systems with the goal of compromising Automatic Teller Machine (ATM) switching networks and carrying out unauthorized cash withdrawals at different banks using fraudulent cards. The result is that he/they are receiving “Free money” ATMS.
Threat intelligence researchers are tracking the cluster under the name of UNC2891, with some of the group's tactics, techniques, and procedures sha
