According to Konstantin Zykov, a researcher with cybersecurity firm Kaspersky Lab, in May 2017 a Kaspersky team discovered a darknet forum post advertising ATM malware targeting specific vendors. Offered for sale at US$5000, and already dubbed "Cutlet Maker", it was a crimeware kit designed to empty ATMs, without interacting with ATM users and their data. "This type of malware does not affect bank customers directly; examples of appropriate countermeasures against such attacks include default-deny policies and device control. The measure prevents criminals from running their own code on the ATM's internal PC," said Zykov. With the notable exception of Wells Fargo, still trying to shake off the damage of its fake-account scandal, US banks are moving back into the business of growth, reports the Financial Times in a wrap-up of US major banks' Q3 results. At Citigroup, for example, which shed about US$500 billion of assets in the years after the crisis, CFO John Gerspach talked about growth in credit cards in Mexico and wealth management in Asia. At Bank of America, which added about $90 billion of assets over the year, CFO Paul Donofrio said he welcomed any "refinement" to rules that "allows us more access and control over our capital [and] liquidity in support of responsible growth", FT reports.