Russian daily Kommersant reports that the Bank of Russia detected malware that hides inside ATM’s operating memory which "forces" them to dispense cash to anyone who enters certain code on its keyboard. The paper cites the deputy head of information security Artem Sychev, and adds that cash machines made by NCR were among the ATMs mostly attacked.
Kommersant also writes that according to sources who received the Bank of Russia FinCert newsletter with a description of the virus, the virus in question is the so-called "Disembodied" or Bespalova virus that “lives” in ATM RAM. According to FinCert, the ATM virus was first noticed in Russia for the first time. Since the virus does not have a file body, it can not be removed by anti-virus programs and can live in infected ATM indefinitely, according to sources.
“The virus is aimed at stealing funds directly from the bank teller machine, and is activated after a specific code is punched in, at which point it gives all the cash from the first cassette dispenser....MORE
And via GeekCulture, although not exactly comparable attacks (ransomware being just one type of malware), the lighter side of dystopia: