Security experts from Symantec discovered a malware, named FastCash Trojan, that was used by the Lazarus APT Group, in a string of attacks against ATMs across Asia and Africa. The hackers exploited an outdated, unsupported, version of IBM AIX, a flavor of the popular Unix operating system.
Lazarus is considered responsible for the massive 2017 WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the 2014 Sony Pictures hack.
“Once these servers are compromised, previously unknown malware (Trojan.Fastcash) is deployed. This malware in turn intercepts fraudulent Lazarus cash withdrawal requests and sends fake approval responses, allowing the attackers to steal cash from ATMs.”
Read more about it here.