Hackers Now Emptying U.S. ATMs
Hackers targeting ATMs isn’t breaking news. Historically, these attacks have been seen throughout Asia and Europe. However, according to Krebs on Security, these attacks are now spreading throughout the U.S. Earlier this month, the U.S. Secret Service quietly began warning financial institutions that “jackpotting” attacks have now been spotted targeting ATMs in the U.S.
In order for the attacks to be successful, the hackers have to have physical access to the ATM. Upon gaining access, they install malicious software, often by using specialized electronics, to gain access to the functionality of the ATM. Upon gaining access, they have the ability to withdrawal large amounts of money — earning the “jackpotting” name. Once the control is taken over by the hackers, the ATM will appear “Out of Service” to others.
Brian Krebs states,
“The source said the Secret Service is warning that thieves appear to be targeting Opteva 500 and 700 series Dielbold ATMs using the Ploutus.D malware in a series of coordinated attacks over the past 10 days, and that there is evidence that further attacks are being planned across the country.”
Once the attack is initiated, the ATM will dispense approximately 40 bills every 23 seconds, until the ATM is empty. The only way to stop the attack, once initiated, is by pressing “Cancel” on the ATM.
Since the cash withdrawal is not coming from a specific account, the individual account holders should not be impacted. However, the cash has to come from somewhere right? It is uncertain how banking institutions will handle these situations should they fall victim — cyber security insurance perhaps?
It is important banks understand the risk they are now facing, and take proper precautions to avoid being targeted.