An interesting piece of software was spotted by Vanja Svajcer from Sophos proves it is embedded in Diebold ATMs. The backdoor heavily conceals its presence in order to stay undetected during audit checks. It is not entirely clear (no evidence) how this software penetrated on an ATM, an educational guess is that it was implanted by someone who knew the architecture and had direct physical access to the Diebold ATM hardware and software. A privileged insider, who either wanted extra security in the times of hardship by having unlimited access to cash, or maybe planned to rob the banks in one large-scale distributed attack.”]
Source: http://blog.threatexpert.com/2009/03/effect-of-credit-crunch-on-backdoors.html