First identified in September 2024, the attacks target Remote Management Software (RMS) systems and allow unauthorized users to redirect ATM communications, enabling unauthorized control.