Slashdot Mirror

← Back to Stories (view on slashdot.org)

ATM Hacks in 'More Than a Dozen' European Countries in 2016 (zdnet.com)

Posted by msmash on from the bank-heist dept.

Cybercriminals have hacked ATMs in more than a dozen countries in Europe this year using software that forces the machines to spit out cash, according to Russian cybersecurity firm Group IB. ZDNet adds: This type of attack, known as "jackpotting", is part of hackers' shifting focus from stealing card numbers and online banking details towards a more lucrative method that gives them access to both ATMs and electronic payments. The firm said attacks had successfully compromised banks in Armenia, Belarus, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, Poland, Romania, Russia, Spain, and the United Kingdom, as well as in Malaysia. However, the firm declined to disclose the banks' names. ATM makers Diebold Nixdorf and NCR Corp said that they are aware of the attacks, and have been working with customers to mitigate the threat. Dmitry Volkov, head of intelligence at Group IB said that he expects more heists on ATMs in the future.

3 of 22 comments (clear)

  1. Hmmmm... Useful by Esteanil · · Score: 2

    "software that forces the machines to spit out cash" sounds useful.
    Anybody got a copy? :-P

    --
    I'm a dreamer, the world is my playpen. But hey, I'm a serious person, I can't dream all the time.
  2. I guess, it is a single bank by fubarrr · · Score: 3, Interesting

    >banks in Armenia, Belarus, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, Poland, Romania, Russia, Spain, and the United Kingdom, as well as in Malaysia

    The only bank with branches in aforesaid countries, with exception of Spain (they run a re-branded outlet after Spain busted Russian mafia there,) is Russian Sberbank; and yes, they had master password leakages many times before.

    And I believe that guys who were PWNing them were their own, as nobody except for Russians have mule networks with such size and reach.

  3. Another known trick by fubarrr · · Score: 2

    The other known "trick" is to make the ATM hardware to mess up it's cash cassette setup, to make it think than all cassettes have $5 buck notes instead of 100. This requires service password, but no physical access. It is impossible for the serviceman with this password to simply order the ATM to open its protected compartment or spew cash, but things like turning off its internet connection, see its VPN settings, launch internet explorer to a site with exploit (most ATMs are windows XP machines) and etc.

    Banks to have good checks on their tech staff, but this prevents nothing if a serviceman simply sell his password to a 3rd party.