For the first time on record, ATMs located in the US are falling prey to jackpotting, an attack in which malicious hardware or software forces the machines to dispense huge amounts of cash to waiting thieves, KrebsOnSecurity reported over the weekend.
Jackpotting has been documented in other countries, but until recently it had never been reported in the US. Citing an unnamed person close to the matter and a confidential alert, reporter Brian Krebs reported on Saturday that the US Secret Service has received credible reports of front-loading ATMs made by Diebold Nixdorf being targeted by so-called cash-out crews. The thieves are carrying out the heists by first getting physical access to the machines and infecting them with malware known as “Ploutus.D.”
“The targeted stand-alone ATMs are routinely located in pharmacies, big box retailers, and drive-thru ATMs,” stated the confidential Secret Service alert sent to financial institutions and obtained by KrebsOnSecurity. “During previous attacks, fraudsters dressed as ATM technicians attached a laptop computer with a mirror image of the ATM’s operating system, along with a mobile device, to the targeted ATM.”
The person with knowledge of the alert told Krebs that the attacks occurred over the past 10 days and that there’s evidence more are being planned. The source said the attacks are targeting Diebold Nixdorf’s Opteva 500 and 700 series machines. Krebs also published an alert issued by Diebold Nexdorf that outlines steps customers can take to safeguard the machines.
According to Krebs, the Secret Service alert said the attackers typically insert a doctor’s endoscope into targeted ATMs to locate an internal part that can communicate with a laptop. The attackers then attach a cord that allows them to use their computer to control the machine. After installing the malware, remote thieves can force the machines to dispense cash to one or more partners who are on-site.
“In previous Ploutus.D attacks, the ATM continuously dispensed at a rate of 40 bills every 23 seconds,” the alert stated. Once the cycle starts, the machine will be completely emptied of all cash on hand unless the person collecting the cash presses a cancel button on the keypad.
In 2009, researchers documented a family of malware that infected ATMs in Eastern Europe. A year later, researcher Barnaby Jack demonstrated a series of ATM attacks at the Black Hat Security conference in Las Vegas. Security firm Symantec chronicled Mexican ATM attacks in 2013, and FireEye wrote about Ploutus.D last year. FireEye said that, for Ploutus.D to be used, attackers must pick the ATM locks, use a stolen master key, or otherwise remove or destroy part of the machine.
If your bank account has been affected after a “Jackpottting” episode you will need to contact them to find out what to do. The bank will most likely restrict account access in the case of limited funds at the ATM or so I have read. Why would anybody Jackpot when you can hit the jackpot legally? C’mon criminals it is not that hard to earn passive income over the rest of your life. I have used this website to earn passive income while I watch my kid as a stay at home dad. I have to contribute to society somehow and this is a great way to make extra REAL money you gotta give this a listen at least. Passive Income Generation has changed my life and gave me the ability to do what I want when I want when I’m not babysitting. Hopefully we will have enough for my wife to retire from her teaching job. This is that powerful at least in my life if you get the time click on the blue link above. Jack-potting is stupid passive income generation smart. It’s not that hard criminals.