Two of the world’s largest ATM manufacturers and the U.S. Secret Service have reportedly issued warnings regarding a newly uncovered wave of cash machine hacks that is apparently spreading throughout the country. The main method used in the hacks, called “Jackpotting,” essentially allows criminals to force an ATM to dispense all of its cash reserves. NCR Corp. and Diebold Nixdorf Inc. have both issued alerts to all of its customers regarding possible attacks on older ATMs currently in active use. According to a report from Krebs on Security, the method itself is apparently quite common in Europe and in Asia. The security blog also stated that the method had so far not yet been utilized by criminal elements in the U.S. until now.
According to a report from Reuters, older models such as the Opteva line of ATMs made by Diebold Nixdorf are specifically being targeted using the Jackpotting method. The hack itself is reportedly quite complicated and requires specialized electronics and customized malware. In most cases, criminals have reportedly used an endoscope to find a specific component on the ATM that can then be used to connect to a laptop. The U.S. Secret Service also issued an alert, through a confidential memo acquired by Krebs, which revealed that the attacks are moving from Mexico to the United States. It was also revealed that these hackers will most likely pretend to be ATM technicians and will mainly target ATMs in secluded areas such as pharmacies, small retail stores, and drive-thru cash machines.
Exclusive, breaking: The US Secret Service is quietly alerting banks and ATM operators that for the first time ever ATM "Jackpotting" attacks — designed to empty ATMs of cash via malware and hardware — have hit ATMs in the United States https://t.co/PcpnZ8owFJ pic.twitter.com/ZDsyaRs4k4
— briankrebs (@briankrebs) January 27, 2018
When an ATM is successfully hacked, the machine will then dispense cash at a rate of up to 40 bills every 23 seconds until its reserves are depleted. Machines that are running older operating systems, such as Windows XP, are apparently more vulnerable to these types of attacks. A lot of companies still have older models such as the Opteva line, which has long been discontinued, in active use. These companies either have not been diligent in upgrading their systems or simply cannot justify the upgrade to a newer model while the older units they have are still not functionally obsolete.
Both the manufacturers and the Secret Service have not yet divulged how much cash has been stolen in the country so far using this hacking method. The Secret Service has also advised the different companies still using older-model ATMs to immediately update their firmware. These companies have also been advised to tighten their security measures. Upgrading their monitoring systems, changing to rear-loading ATMs, and barring physical access to the machine have also been suggested to lessen the chances of an attack.