Reports are emerging in the US of cyberattacks on ATM machines known as “jackpotting” attacks - whereby fraudsters install malicious software and technological equipment on ATMs, forcing the machines to release large sums of money.
Security news website Krebs on Security reported that ATM manufacturer NCR Corp. sent an advisory to customers on Friday, in which it announced that it had received reports from the Secret Service and other sources about jackpotting attacks, which the advisory calls “logical attacks,” on US ATM machines.
“This represents the first confirmed cases of losses due to logical attacks in the US. This should be treated as a call to action to take appropriate steps to protect [...] ATMs against these forms of attack and mitigate any consequences,” the advisory reads.
An anonymous source told Krebs on Security that the Secret Service has warned of a series of such attacks over the past week and a half, and has noted evidence of plans for future attacks across the US.
A Secret Service alert obtained by Krebs on Security described the modus operandi of “jackpotting” fraudsters.
“The targeted stand-alone ATMs are routinely located in pharmacies, big box retailers, and drive-thru ATMs. During previous attacks, fraudsters dressed as ATM technicians attached a laptop computer with a mirror image of the ATM's operating system along with a mobile device to the targeted ATM.”
The Secret Service alert explained that the cyberattackers typically use a medical tool for looking inside the human body called an endoscope, which allows them to locate the inner part of the ATM, enabling them to sync their laptop with the ATM’s computer and carry out their nefarious scheme.