Malware Turns ATMs Into Cash-Spewing Jackpots

...

It is every consumer's dream to find an ATM spitting out cash like a winning slot machine, and it seems that hackers in Eastern Europe have figured out how to make that a reality.

As outlined by Russian security firm Group IB, the hackers are linked to the Buhtrap crew, which stole $28 billion from Russian banks between August 2015 and January 2016, according to Reuters. But while Buhtrap looted ATMs via fraudulent wire transfers, the ATM scammers reportedly use a less hands-on method: "touchless jackpotting."

The remote hack works from anywhere in the world, robbing banks in as little as 10 minutes. The hackers reportedly use a penetration testing tool known as Cobalt Strike, which lets them access servers that control ATMs via bank PCs infected by malicious emails. Accomplices then wait by the targeted ATMs and scoop up the cash as it spits out of the machine.

The hackers reportedly hit financial institutions in Armenia, Belarus, Bulgaria, Estonia, Georgia, Kyrgyzstan, Malaysia, Moldova, the Netherlands, Poland, Romania, Russia, Spain, and the UK. Group IB did not reveal which banks were targeted.

Global ATM manufacturers Diebold Nixdorf and NCR confirmed to PCMag that they are "familiar" with these types of breaches.

"ATM attacks are becoming more complex and sophisticated as hackers dedicate more time to attacking infrastructure," an NCR spokeswoman said in a statement. "Securing one's infrastructure and endpoints is a never-ending and extremely important task that does not depend on the region or attack type."

Diebold Nixdorf, meanwhile, claims there is "no indication to us that this group of fraudsters is active in Europe or the Americas."

But that doesn't mean they won't be. "Logical attacks on ATMs are expected to become one of the key threats targeting banks," according to Dmitry Volkov, head of the Group IB investigation department.

"They enable cybercriminals to commit fraud remotely from anywhere globally and attack the whole ATM network without being 'on the radar' of security services," he said in a statement. "This type of attack does not require development of expensive advanced software—a significant amount of the tools used are widely available on the deep Web."

As the Wall Street Journal reports, the FBI recently warned US banks to look out for potential attacks, following incidents in Taiwan and Thailand over the summer.

"Every bank is under threat of logical attacks on ATMs and should be protected accordingly," Volkov added.

Categories
GAMES
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    IT's Guide for Securing and Managing Business Content

    Download Today's IT organizations are asked to give employees the devices and apps they need to work anywhere, while protecting the company's valuable information from security threats.Customers are turning to cloud solutions since most traditional on-premise solutions haven't been able to solve the evolving needs of organizations.
  • 5300c769af79e

    Mobile Summit: Top-tier speaker line-up announced

    As the world becomes more mobile by the minute, those businesses at the bleeding edge of innovation will succeed in leveraging customers — and their devices — wherever they are.Figuring out what it will take to do just that in 2015 is at the heart of VB’s Mobile Summit taking place February 23 & 24 at the Cavallo Point Resort in San Francisco.
  • 5300c769af79e

    SPIs Vs. APIs: Which Should IT Organizations Choose?

    For the past decade or so, application programming interfaces, or APIs, have been celebrated as the source of economic growth and opportunity.Dealing with APIs has become critical for IT organizations as a means to connect cloud applications with systems of record, for example.
  • 5300c769af79e

    Daydream 2.0 Will Introduce Casting, Screen Recording

    It’s called Euphrates and Google says to expect a bunch of new features, like Casting of your VR session to a nearby TV.In the revamped menu in Daydream 2.