Wed, Jan 31, 2018
The U.S. Secret Service warns that ATM “jackpotting” — the installation of malicious software and hardware onto ATMs — has made its way to the U.S. The agency recently released an alert.
ATM jackpotting is a sophisticated crime in which thieves install malicious software and/or hardware at ATMs that force the machines to dispense huge volumes of cash on demand. To execute a jackpotting attack, perpetrators must gain physical access to the cash machine and install malware, or specialized electronics, or a combination of both to control the operations of the ATM.
Criminals have been able to find vulnerabilities in financial institutions that operate ATMs, primarily ATMs that are stand-alone. The targeted stand-alone ATMs are routinely located in pharmacies, big box retailers, and drive thru ATMs. Criminals range from individual suspects to large organized groups, from local criminals to international organized crime syndicates.
ATM makers Diebold Nixdorf and NCR Corporation confirmed they have alerted clients to the potential jackpotting attacks. A spokesperson for Diebold Nixdorf said older Diebold units are being targeted.
To prevent further attacks, a Diebold Nixdorf advisory suggests that clients implement physical authentication access controls for technicians and improve investigations into unusual transactions.
If you have any questions, please contact Andre Lucas, director of compliance at firstname.lastname@example.org or 443.325.0777.