Details of a major cybercrime campaign that used so-called jackpotting attacks have been uncovered thanks to a joint investigation conducted by Motherboard and the German broadcaster Bayerischer Rundfunk (BR).
Jackpotting is a technique in which cybercriminals use either malware or a piece of hardware to trick an ATM into ejecting all of the cash it contains. A stolen credit card isn't required to launch a jackpotting attack and those behind these attacks usually install the malware onto an ATM by opening a panel on the machine to gain access to a USB port.
Motherboard and BR's investigation revealed that while jackpotting attacks have decreased in Europe during the first half of this year, multiple sources have said that the number of attacks in other parts of the world have increased.
- ATM security still running Windows XP
- PDF files could be used to hack your PC
- Hackers hit ATMs with SMS malware
The US, Latin America and Southeast Asia have all faced jackpotting attacks recently and banks as well as ATM manufacturers have been impacted across the financial industry.
Back in 2010 at the annual Black Hat cybersecurity conference, the late researcher Barnaby Jack showed of his own strain of ATM malware live on stage. Once the malware was successfully deployed to the ATM, the word “JACKPOT” was displayed on its screen as the device spit out bank notes.
When it comes to the jackpotting attacks which occurred in Germany during 2017, prosecuting attorney Christoph Hebbecker revealed to the joint investigation that 10 incidents took place between February and November in which attackers were able to steal 1.4m Euro. However, now jackpotting has made a comeback as cybercriminals look to illegally earn funds in the real world.
One of the main issues with ATM security is that many ATMs are essentially aging Windows computers that are very old and slow. ATM manufacturers have made security improvements to their devices over the years but unfortunately that doesn't necessarily mean that all ATMs across the industry are up to the same standard.
Executive director of the ATM Industry Association in the US, Canada and Americas, David N Tente explained to Vice how banks can better protect their ATMs from jackpotting attacks, saying:
"In order to execute a jackpotting attack, you have to have access to the internal components of the ATM. So, preventing that first physical attack on the ATM goes a long way toward preventing the jackpotting attack."
In the world of cybersecurity, attack methods that fall out of favor with cybercriminals are often revived later on and that certainly seems to be the case with the recent wave of jackpotting attacks.
- Also check out the best free anti-malware software of 2019
Via Vice (opens in new tab)