• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • March 6th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security
Malware

Jackpotting attacks hit U.S. ATMs; spit out cash in seconds

January 29th, 2018 Waqas Cyber Crime, Malware, Security 0 comments
Jackpotting attacks hit U.S. ATMs; spit out cash in seconds
Share on FacebookShare on Twitter

Jackpotting is an attack/technique to exploit ATMs to make them dispense cash without withdrawing it from a bank account – Now, U.S. ATMs are under Jackpotting attack.

The trend of hacking ATMs (automatic teller machines) is not new but with the passage of time, it is becoming a lot more persistent and sophisticated. In some parts of the world, cybercriminals use skimmers steal card data while in some places they prefer using explosives to crack open ATMs to steal cash.

In the United States, however, two of the largest ATM manufacturers Diebold Nixdorf and NCR Corp. have warned citizens to be aware of an attack in which hackers are taking over ATMs to steal cash in a technique that was never seen before in the country.

Dubbed ‘Jackpotting,’ the technique involves hackers to physically access the ATM, infect it with a malware/malicious software and use hardware including industrial endoscope which forces the machine to give away cash according to commands executed by hackers.

Jackpotting attacks hits US ATMs; spit our cash in seconds

An endoscope made to work in tandem with a mobile device (Source: YouTube)

This was revealed by journalist Brian Krebs who got his hands on a confidential US Secret Service memo that reveals how jackpotting has hit the ATMs in the United States for the very first time. Before that, the attack was popular against ATMs in Asia and Europe.

The memo further reveals that once the hackers take over an ATM, the attack forces it to dispense money at the rate of 40 notes every 23 seconds and only stops once the machine is empty. Currently, the prime targets of Jackpotting are Big-box stores, pharmacies and drive-thru ATMs.

An alert [PDF] issued by Diebold gives in-depth details about the attack and how it can be prevented.

“In a Jackpotting attack, the criminal gains access to the internal infrastructure of the terminal in order to infect the ATM PC or by completely exchanging the hard disk (HDD). In recent evolutions of Jackpotting attacks portions of a third-party multi-vendor application software stack to drive ATM components are included. In cases where the complete hard disk is being exchanged, encrypted communications between ATM PC and dispenser protects against the attack,” the alert warns.

According to the warning issued by NCR, the company said none of their ATMs have been compromised however the attack itself is a big threat to the ATM industry in the country. “This should be treated by all ATM deployers as a call to action to take appropriate steps to protect their ATMs against these forms of attack,” said NCR.

Remember, for cybercriminals hacking an ATM machine is now a piece of cake since most of these machines are still running on Windows XP. Just a few months ago, a security researcher Leigh-Anne Galloway had demonstrated how one can hack an ATM by simply drilling a hole. She also highlighted the fact that since a majority of cash machines are Windows XP systems that are linked with a safe, therefore, the trick makes a varied range of machines vulnerable to hack attack.

Moreover, it is very easy for anyone to buy ATM malware on the Dark Web, therefore, there is a need of a complete overhaul of the ATM industry to make its devices secure against cyber criminals and protect banks and customers from losing their cash.

What how Jackpotting attack takes place

Image credit: DepositPhotos/BeeBright

  • Tags
  • ATM
  • Banking
  • Cyber Attack
  • europe
  • Fraud
  • hacking
  • internet
  • Jackpotting
  • Malware
  • Money
  • Scam
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Phishing Scam: Hackers Steal $150,000 in Ethereum from Experty ICO
Next article Attackers can Bypass Fingerprint Authentication in Lenovo devices
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Threat actors hijacking Bitbucket and Docker Hub for Monero mining

Threat actors hijacking Bitbucket and Docker Hub for Monero mining

IT Security firm Qualys extorted by Clop gang after data breach

IT Security firm Qualys extorted by Clop gang after data breach

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Microsoft, FireEye report 3 new malware linked to SolarWinds hackers
Cyber Attacks

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Threat actors hijacking Bitbucket and Docker Hub for Monero mining
Security

Threat actors hijacking Bitbucket and Docker Hub for Monero mining

Top Russian hacker forums Maza, Verified hacked; data leaked online
Hacking News

Top Russian hacker forums Maza, Verified hacked; data leaked online

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us