ATM hackers might have discovered a new home within the U.S., based on the latest report.
The number of so-called “jackpotting” attacks getting ATMs to spit out all of the money inside in areas together with the United States and Latin America has gone up, based on a joint investigation by Motherboard including Bayerischer Rundfunk German broadcaster. Large-scale ATM cash-out hacking has often been an overseas criminal enterprise.
The U.S. is a “quite popular” goal for ATM hackers; a source informed Motherboard. All these cash-out crimes have been around for a while, as noted in a report from Trend Micro, a cybersecurity firm.
In 2013, a cyber-gang stole $45 million from ATMs all over the world, the news Channel reported. Around $12 million were taken from cashpoints in Japan utilizing cloned ATM cards in 2016. The notorious Carbanak gang has stolen around $1 billion from banks all over the world, including schemes that cash out ATMs.
Hackers breached into computers at an Indian bank last year. They walked off with $11.5 million in unauthorized ATM withdrawals, an incident that happened after the FBI issued a warning regarding the imminent scheme.
Krebs on Security, a cybersecurity publication, described how it works. “Simply before executing on ATM cashouts, the intruders will remove many fraud controls on the financial institution, similar to maximum withdrawal amounts and any limits on the number of customer ATM transactions every day.”
With jackpotting, criminals use malware or hardware to get an ATM to dispense cash sometimes into the hands of waiting “mules,” based on Trend Micro’s report. “ATM attacks proceed to reap financial rewards for their perpetrators, which suggests we should not count on them to let up.”
The major weak point is that many ATMs are mainly old Windows machines, with a source called Motherboard, “these are very old, slow machines.”