Jackpotting Hits ATMs in the USA

On January 31st, 2018, posted in: Hackers, Jackpotting by konweb

ATM “jackpotting” the practice of hacking an ATM and causing it to dispense large amounts of cash all at once is beginning to flourish in the United States according to an Secret Service press release issued on January 26th.

According to the Secret Service

“ATM jackpotting is a sophisticated crime in which thieves install malicious software and/or hardware at ATMs that force the machines to dispense huge volumes of cash on demand. To execute a jackpotting attack, perpetrators must gain physical access to the cash machine and install malware, or specialized electronics, or a combination of both to control the operations of the ATM.

Criminals have been able to find vulnerabilities in financial institutions that operate ATM’s, primarily ATM’s that are stand-alone. The targeted stand-alone ATMs are routinely located in pharmacies, big box retailers, and drive thru ATMs. Criminals range from individual suspects to large organized groups, from local criminals to international organized crime syndicates.”

Ploutus.D PLUS Surgery Delivers the Cash

According to a Global Security Alert distributed by Diebold-Nixdorf and uploaded to KrebsonSecurity.com thieves in Mexico have been using a variant of the well known Ploutus ATM malware known as Ploutus.D. What’s new is the novel approach thieves have taken to inject the malware.

“In order to initiate the dispenser communication additionally a dedicated button inside the safe needs to be pressed and held. With the help of an extension, which is inserted into existing gaps next to the presenter, the button is depressed. According to customer CCTV footage the criminals use an industrial endoscope to achieve this.”

Source: gadgetsforgeeks.com.au

CyberCrime Follows the Money

Jackpotting ATMs has to be the most straight forward example of cybercrime chasing the money. When your organization is targeted, the motive and attack vector will likely be more discreet. Criminals may decide to steal your trade secrets or personal information or perhaps infect your systems with ransomware. Frankly, you’ll never know until it is too late. That is where Konsultek comes in. For well north of two decades we have been designing and implementing robust, holistic security solutions for organizations small to large across a variety of market verticals. From education to finance to manufacturing we have the expertise to develop the solutions your organization needs. Pick up the phone and schedule an appointment to learn more.

 

read more