Millions Stolen via ATM Malware Rigged to Make Machines Drop Cash - How to, Technology and PC Security Forum | SensorsTechForum.com

Millions Stolen via ATM Malware Rigged to Make Machines Drop Cash

shutterstock_223094779
Hacking group with long history in banking attacks has been reported to cause infections to ATM machines, allowing them to rig the machines to directly spit cash on the street. All the crooks had to do is stay in front of the machine and take the cash.

The FBI has warned banks in the U.S. to be on the lookout, but the ATM theft technique, called “jackpotting” is also spread in countries, like:

  • Moldova.
  • Estonia.
  • Armenia.
  • Belarus.
  • Bulgaria.
  • Kyrgyzstan.
  • The Netherlands.
  • Poland.
  • Russia.
  • Spain.
  • Romania.
  • The U.K.
  • Malaysia.

The manufacturers of ATM machines DN and NCR have so far not provided information as to which banks were affected by their devices.

Reuters also reports that such attacks were launched from a remote C&C (Command and Control) servers. What Is believed is that the hackers gain access to the key networks directly controlling the ATM machines and then they begin to dispense the cash simultaneously, before anyone notices and blocks them from the banks’ side.

Cobalt Hacking Group Believed to Be Responsible

Many experts link these attacks to a hacking group with long criminal history related to such attacks. The Cobalt group is the one which was behind the attacks conducted in Russian banks in 2015 and 2016 of a very similar character. This group used wire transfers that were somewhere in the range of millions.

The ATM Hack Saga Continues

The main companies behind the hacked ATMs also report that it is very likely for more attacks to be seen launching in the near future and they are working together with banks to cooperatively block future cyber-heists.

When it comes to the government, the Europol does not have any statements regarding the attacks which most likely means that they are conducting an active investigation on the matter.

The two companies who produced the ATM have reportedly coordinated with banks to exchange information on how to block any future attacks on their devices if they are detected.

Not only this, but security organizations and government agencies who have looked into the matter, believe that Cobalt is not the only suspect and there is also a big Russian ATM hacking group that many refer to as Buhtrap and they could have something to do with the ATM malware itself.

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.