‘Jackpotting’ hack makes its way to ATMs in US

It’s not the first time we’ve heard of hackers making ATMs spew out cash like a casino slot machine. We actually saw so-called “jackpotting” demonstrated last summer at the Black Hat security conference and it’s reportedly been a real threat for banks in Europe and Asia for a couple years now.

But a Saturday report from security expert Brian Krebs marks the stateside arrival of the crime, in which thieves install malicious software and/or hardware at ATMs that forces the release of the cash. Up until now, such attacks “have somehow eluded US ATM operators,” Krebs said.

“But all that changed this week after the U.S. Secret Service quietly began warning financial institutions that jackpotting attacks have now been spotted targeting cash machines here in the United States,” Krebs wrote.

On his website, Krebs on Security, he reported that the US Secret Service has warned financial institutions about the attacks in the past few days and notes that ATM maker NCR sent an alert about the threat to its customers.

Reuters later confirmed alerts were sent out to customers of both NCR and ATM maker Diebold Nixdorf, noting that neither company identified any victims or how much money has been lost. Both companies confirmed to CNET that those alerts went out offering customers guidance on how to protect their machines. The Diebold alert sent to its customers on Friday notes that the attacks were first reported in Mexico and target one of its out-of-production models.

The Secret Service notice, according to Krebs, said hackers have targeted stand-alone ATMs “routinely located in pharmacies, big box retailers, and drive-thru ATMs.”

The Department of Justice didn’t immediately respond to a request for comment about the Secret Service’s warnings.

from cnet.com

Please follow and like us:

Hits: 31

Leave a Reply

Your email address will not be published. Required fields are marked *