Slashdot Mirror


First 'Jackpotting' Attacks Hit US ATMs (krebsonsecurity.com)

Brian Krebs, reporting for Krebs on Security: ATM "jackpotting" -- a sophisticated crime in which thieves install malicious software and/or hardware at ATMs that forces the machines to spit out huge volumes of cash on demand -- has long been a threat for banks in Europe and Asia, yet these attacks somehow have eluded U.S. ATM operators. But all that changed this week after the U.S. Secret Service quietly began warning financial institutions that jackpotting attacks have now been spotted targeting cash machines here in the United States.

To carry out a jackpotting attack, thieves first must gain physical access to the cash machine. From there they can use malware or specialized electronics -- often a combination of both -- to control the operations of the ATM. On Jan. 21, 2018, KrebsOnSecurity began hearing rumblings about jackpotting attacks, also known as "logical attacks," hitting U.S. ATM operators. I quickly reached out to ATM giant NCR Corp. to see if they'd heard anything. NCR said at the time it had received unconfirmed reports, but nothing solid yet.

3 of 101 comments

  1. Re: Windows XP in ATMs by Anonymous Coward · Score: 2, Insightful

    You clearly don't have anything useful to contribute to this discussion. The issue isn't that the ATMs are running Windows, but rather that they're running old and unmaintained software. Running an old unsupported version of Linux is going to be just as vulnerable. Linux users bashing Windows is a lot like Donald Trump's obsession with Hillary Clinton. For desktops, a focus on bringing better applications to Linux would do far more to increase market share than bashing Windows. Instead, you come across as petulant and childish.

    The other issue here is the physical access to the hardware, at which point all bets are off in regard to security. This really isn't about Windows, but more likely better limiting the physical access needed to carry out the attacks.

    Grow up.

  2. Re:Pro tip from Europe... by Baron_Yam · Score: 3, Insightful

    1) You meant to say 'Romani', a distinct ethnic group that isn't actually bound to the nation of Romania.

    2) Still racist. Yep, there's higher crime rates with the Romani, probably because they're not particularly interested as a cultural group in integrating into their larger community. Which may be due to racists like you, who discriminate against them and remove the opportunity from many of those who would integrate if they could. Chicken and egg.

    3) People who describe other people as 'filthy animals' are rarely the best of humanity. You're dehumanizing others as a justification for treating them like shit. Aren't you a wonderful person?

  3. Re:But why?? by Baron_Yam · Score: 3, Insightful

    I imagine you need an 'inside man' - maybe the person who reloads the cash dispenser and unloads the collection bin, but maybe not if the computer hardware is secured in a separate lock box. Anyway, you need somebody with physical access to compromise the machine.

    THEN you go and use the ATM to get cash... but remember you're on camera, and your transactions are logged, right? So what you probably want is the ability to have the machine spit out extra money when you enter a particular code (which hopefully you can do with a camera watching the suspicious activity) during an otherwise perfectly legitimate transaction.

    And you want to time it so you do it immediately after the machine has been reloaded, so you have the maximum possible time before the machine runs out of cash before it should and an investigation starts. And then you want to never hit that ATM again, or your risk of getting caught skyrockets.

    So you need two conspirators and you get one payout that needs to be limited so you don't get caught. You're going to clear a few hundred with a single attempt or maybe have it 'accidentally' slip you an extra bill over many visits. Certainly you're not going to make enough to justify the risks - the inside man is risking their presumably steady legitimate employment in addition to jail.

    So who is doing this and why?