A recently published report reveals that hacking groups are using Cutlet Maker, a virus designed for ATM machines. Attacks of this type are also known as “jackpotting” because, when the virus is activated, it opens the cash drawers and allows the users to withdraw the deposited money. An investigation reveals further information about the malware, which is outlined in our article.
“Jackpotting” ATM Infection Technique Made Possible by Cutlet Maker Malware
A recently published report indicates that hackers worldwide are using a dangerous new ATM malware called Cutlet Maker to carry out so-called “jackpotting” attacks. These attacks are programmed to open the drawers of the machines and allow the hackers to withdraw all of the funds contained within. They are not carried out frequently, so when incidents happen they are discussed widely in the professional community.
In this particular case, the analysts have discovered that the majority of attacks are against a specific ATM manufacturer, and the targeted locations include countries in Latin America, Southeast Asia and the US. Most of the detected attacks are set against American victims. No specific information is available about the machines and the banks that operate them; however, the reported cases all contain similarities that have prompted the analysts to group them under the Cutlet Maker malware attacks.
Underneath the ATM Jackpotting Attack Operations: Possible Cutlet Maker Origins
While not a lot of information about the criminals behind the malware is publicly known at this point, it is highly suspected that the main malware engine is sold in the hacker underground markets, where it may exist in different formats. The two most popular types are the following:
- Base Malware Code — The criminals have provided a base version that prospective attackers would need to customize themselves in order to provide the jackpotting functionality as intended.
- Customized Variants — The other technique makes use of already prepared custom versions which are directed against the intended targets. This means that the hackers will buy ready-made weapons that only need to be directed against the target networks that host the ATM machines.
It is speculated that such attacks will continue to be carried out by hackers. When they are successful, it is often difficult to track the culprits. As a result, they can be very lucrative and easy to carry out if vulnerable conditions are found. Investigations into the committed crimes continue.