Cyber Incident Victim: Affin Bank
Date: Oct 2014
Location: Malaysia
Summary
A Latin American criminal group compromised 17 ATMs across multiple Malaysian banks, including Affin Bank, by physically accessing the machines to install "ulssm.exe" malware via compact discs, forcing system reboots that enabled unauthorized cash withdrawals totaling over $1.2 million. Surveillance footage identified 2-3 perpetrators conducting sequential transactions, with authorities recovering one fraudulent ATM card and confirming no customer data breach due to the system reset. Investigations remain active under local law enforcement, who suspect the perpetrators are still within the country.
Description
In October 2014, a Latin American criminal group executed a coordinated attack on 17 ATMs across multiple Malaysian banks, including Affin Bank, United Overseas Bank, Al Rajhi Bank, and Bank of Islam. The attackers physically accessed the ATMs by opening the top panels without keys and inserted a compact disc containing the "ulssm.exe" malware into the machines' processing centers. This action forced the ATMs to reboot to their default settings, bypassing security protocols. Gang members, captured on CCTV footage as 2-3 Latin American males, conducted successive cash withdrawals from the compromised machines. The theft resulted in losses exceeding $1.2 million. Police confirmed the malware manipulation enabled unauthorized access but noted the system reset prevented customer data exposure. Investigators recovered one ATM card used in the transactions, linking it directly to the perpetrators.

Malaysian law enforcement, including the Bukit Aman Commercial Crime Investigation Department led by Comm Datuk Mortadza Nazarene and Selangor Commercial Crime Investigation Department personnel, initiated an active investigation into the incident. Authorities determined the suspects remained in Malaysia based on forensic and surveillance evidence. The investigation focused on the malware's functionality, the gang's entry methods, and their operational timeline across the targeted bank branches. No arrests were disclosed at the time of reporting. Financial impacts were confined to the stolen cash, with no secondary compromise of bank systems or customer accounts reported. Police emphasized the physical breach of ATM hardware as the attack vector, distinguishing it from network-based intrusions.
