Thursday, 22 February, 2018

Cyberattackers target US ATM machines

ATM machines ATM machinesReuters
Nellie Chapman | 29 January, 2018, 14:42

The Secret Service is warning of a wave of so-called "jackpotting" attacks that target ATMs across the country.

Reuters later confirmed alerts were sent out to customers of both NCR and ATM maker Diebold Nixdorf, noting that neither company identified any victims or how much money has been lost. The US Secret Service started warning financial institutions that jackpotting was now a risk in the US last week, having started in Mexico a year ago, according to a confidental alert seen by Krebs on Security. The Secret Service says there was an alert sent to agents, telling them in the next few days there may be more attacks, Doris reported.

Criminals have been targeting cash machines in pharmacies, retailers and drive-through ATMs, according to the Secret Service. The company also offered advice on how to mitigate these attacks including updating to new firmware.

A Secret Service alert obtained by Krebs on Security described the modus operandi of "jackpotting" fraudsters. Once the suspects have breached the ATM's the machines can dispense up to 40 bills in 23 seconds - enabling the suspects to steal tens of thousands of dollars from any one ATM. Up until now, such attacks "have somehow eluded US ATM operators", Krebs said.

Diebold Nixdorf spokesman Mike Jacobsen confirmed the Krebs report that his company had issued the warning, but declined to say how many banks in Mexico and the United States had been targeted or comment on the size of any losses.

Reports are emerging in the USA of cyberattacks on ATM machines known as "jackpotting" attacks - whereby fraudsters install malicious software and technological equipment on ATMs, forcing the machines to release large sums of money.

NCR said the news should be "a call to action to take appropriate steps to protect their ATMs against these forms of attack".

"Logical attacks on ATMs are expected to become one of the key threats targeting banks: they enable cybercriminals to commit fraud remotely from anywhere globally and attack the whole ATM network without being "on the radar" of security services", Dmitry Volkov, Group IB's head of investigation, said in an earlier report.