Keyboard plugged into ATM port / Image: FireEye
Team Clark is adamant that we will never write content influenced by or paid for by an advertiser. To support our work, we do make money from some links to companies and deals on our site. Learn more about our guarantee here.
It’s every crook’s dream — an ATM that spits out cash like a geyser erupting and doesn’t stop until the machine is empty.
That’s exactly what’s happening thanks to a new criminal hack that has now been identified for the first time in the United States.
RELATED: The #1 way to protect yourself from ATM card skimmers
Long popular in Europe and Asia, Krebs on Security reports the first “jackpotting” hacks recently made their U.S. debut.
Over the weekend, two ATM makers — NCR Corp. and Diebold Nixdorf — told clients they were contacted by the Secret Service about jackpotting attacks at unspecified ATMs in America.
While NCR’s ATMs reportedly haven’t been hit yet, Diebold’s have.
Most at risk are standalone ATMs typically found at pharmacies, big box retailers and drive-thru ATMs, according to the confidential Secret Service memo obtained by Krebs on Security.
Diebold has not yet disclosed how much money has been lost.
Jackpotting starts with a criminal gaining physical access to an ATM. The first step is to pry open the top hat compartment of the ATM by picking its locks, using a stolen master key or breaking part of the machine.
Then, the criminal inserts an endoscope — a medical device typically used by a doctor for internal examination — to find the area of the ATM where they can attach a cord to sync their laptop or mobile phone with the ATM’s computer.
“During previous attacks, fraudsters dressed as ATM technicians and attached a laptop computer with a mirror image of the ATMs operating system along with a mobile device to the targeted ATM,” the Secret Service noted.
Malware called “Plotus.D” is used in this crime and the results are dramatic: The money comes pouring out — 40 bills every 23 seconds — and quickly adds up to thousands of dollars in just minutes.
Money mules with large bags are sent to the ATMs separate from the fake technicians. Their goal is simply to catch the falling cash and make a quick getaway.
Once the dollar dump is done, the phony techs come back and remove their equipment from the drained ATM.
This attack seems to be limited to Opteva 500 and 700 series Dielbold ATMs that run Windows XP at this time. But cyber-security firm FireEye tells Krebs on Security that a simple tweak in the malware could open this threat up to some 40 different ATM vendors in 80 countries.
While the jackpotting threat is targeted more at ATM operators than individuals, it’s a good time to reiterate some basic ATM safety tips:
RELATED: 9 places you should never use a debit card
[anvplayer video=”4189419″ station=”998267″]
This post was last modified on January 29, 2018 11:50 am
If you're considering subscribing to Fubo, you need to be comfortable missing out on some…
Are you looking for a way to earn 2% back on every purchase you make…
You're not alone if you're running a balance on your credit cards. Collectively, Americans are…
A big part of saving money comes down to knowing how to comparison shop. But…
If you work for a big company as a full-time employee, chances are you have…
Are you a Peacock subscriber? You soon will have to pay more to watch NBCUniversal's…