‘Jackpotting’ Attacks Hit U.S. ATMs

on 12:03 PM

ATM “jackpotting” — a sophisticated crime in which thieves install malicious software and/or hardware at ATMs that forces machines to spit out huge volumes of cash on demand — has long been a threat for banks in Europe and Asia, but now has hit the U.S. for the first time.  Earlier this week the Secret Service began warning financial institutions about jackpotting attacks now being reported in the United States.

To carry out a jackpotting attack, thieves first gain physical access to the ATM, then use malware or specialized electronics, or both, to control the operations of the ATM. Reportedly, the Secret Service has received credible information that crooks are activating so-called “cash out crews” to attack front-loading ATMs manufactured by ATM vendor Diebold Nixdorf, but owners of other brands of ATMs should also be on alert. The typically targeted ATMs are stand-alone machines located in pharmacies, big box retailers, and drive-thrus. Fraudsters dressed as ATM technicians attach a laptop computer with a mirror image of the ATM’s operating system, along with a mobile device, to the ATM. Attackers use an endoscope — a slender, flexible instrument traditionally used in medicine to give physicians a look inside the human body — to locate the internal portion of the cash machine where they can attach a cord that allows them to sync their laptop with the ATM’s computer. Once this is complete, the fraudsters control the ATM, which appears to customers as Out of Service. By remote control, the ATM is then forced to dispense cash until empty.

Read the Krebs on Security article for complete details on this story.


