Cyber Incident Victim: United Overseas Bank
Date: Oct 2014
Location: Malaysia
Summary
A Latin American criminal gang stole approximately $1.2 million by hacking ATMs across multiple Malaysian banks, including United Overseas Bank, through physical manipulation and malware deployment. The attackers opened ATM panels without keys and inserted discs containing the "ulssm.exe" malware, which forced the systems to reboot and enabled unauthorized cash withdrawals; because of the reset, no customer data was compromised. Authorities recovered one fraudulent ATM card and suspect the perpetrators remain in the country. Investigations are ongoing and focus on the coordinated attacks, in which surveillance footage captured 2-3 individuals per machine.
Description
In October 2014, a Latin American criminal group executed coordinated attacks on automated teller machines (ATMs) across Malaysia, compromising 17 ATMs affiliated with United Overseas Bank, Affin Bank, Al Rajhi Bank, and Bank of Islam. The attackers physically accessed the targeted ATMs by opening the top panel of each machine without using a key, bypassing physical security measures. They inserted a compact disc containing the "ulssm.exe" malware into the ATM's processing center, triggering a system reboot that enabled unauthorized control over the devices. Closed-circuit television footage confirmed that 2-3 Latin American males conducted sequential cash withdrawals from the compromised ATMs following the malware installation. The group successfully stole approximately $1.2 million through these operations, with police later recovering one ATM card used during the thefts. Law enforcement confirmed that the malware forced the ATMs to revert to default settings and noted that, because of this system reset, no customer data was compromised.

Bukit Aman Commercial Crime Investigation Department led the investigation under Comm Datuk Mortadza Nazarene, coordinating with Selangor Commercial Crime Investigation Department authorities. Police examined the malware's functionality and the physical breach methodology while reviewing CCTV evidence to identify suspects. Investigators determined the perpetrators remained in Malaysia following the attacks and continued active inquiries to locate them. The incident exclusively impacted ATM hardware and cash reserves without affecting core banking systems or customer databases. Financial institutions collaborated with law enforcement to assess physical security vulnerabilities exposed by the attackers' ability to open ATM panels without legitimate keys. No public statements from the affected banks regarding financial reimbursements or long-term security changes were documented in the available report as of the investigation's active phase.
