Hackers Attack ATMs with Malware Forcing Them to Spit Out Cash
Hackers Attack ATMs with Malware Forcing Them to Spit Out Cash

Hackers are now started targeting the bank itself to steal cash directly from ATM machines. FBI warns of potential attacks in U.S after similar crimes in Taiwan and Thailand

Hackers Attack ATMs with Malware Forcing Them to Spit Out Cash

We have seen ATM hackers strongly relies on tactics of stealing ATM card/pin numbers and internet banking credentials to steal millions. However, hackers are now started to target the bank itself to steal cash directly from ATM machines.

FBI has now warned that hackers have the ability to program ATMs to spit out cash, confirming this has already happened in Taiwan and Thailand earlier this year where the gang members stood in front of the ATM’s and collected the money.

FBI has now warned U.S banks of the potential of similar ATM jackpotting attacks, saying that the agency is “monitoring emerging reports indicating that well-resourced and organized malicious cyber actors have intentions to target the U.S. financial sector”

Let me tell you ATM jackpotting is a technique used by hackers to force automated ATM machines to spit out cash. As reported by Russian Cyber security firm Group-IB, hackers have remotely infected ATM machines with malware in more than dozen countries across Europe this year.

Cyber criminals are targeting ATMs for at least five years. However, the latest technique which lets ATMs spit out cash involved in very small numbers on ATMs because here hackers need to physical access the machines in order to collect cash.

Russian cyber security firm Group-IB reported that the hackers have target Armenia, Bulgaria, Estonia, Georgia, Belarus, Kyrgyzstan, Moldova, Spain, Netherland, Poland, Romania, United Kingdom, Malaysia, and Russia. However, Group-IB didn’t mention the banks that are targeted.

Diebold Nixdorf and NCR corp., world’s two largest ATM manufacturers said they were aware of this ATM attacks and already working to find out the defense for this type of attack. They also provided banks with information on how to thwart the attack. As reported by Reuters:

“We have been working actively with customers, including those who have been impacted, as well as developing proactive security solutions and strategies to help prevent and minimize the impact of these attacks,” said Owen Wild, NCR’s global marketing director for enterprise fraud and security”

The disclosure of the latest campaign comes just after few months of two large ATM hacks, where hackers stole $2.5 million from Taiwan’s First bank and $350,000 from Thailand’s state-owned Government saving bank.

Cyber security firm Group-IB believes that the attack across the Europe was conducted by a single hacker group, known as Cobalt. However, FBI believes that the attack could be linked to the group known as Buhtrap, as reported by Wall Street Journal.

However, looking at the tools and techniques used by Cobalt and Buhtrap, Cybersecurity firm Group-IB believes that both the hacker’s group are linked together, which stole $28 million from Russian banks between August 2015-January 2016.

What do you think about this type of attacks? Share your thoughts in the comment section below.