WIRED on the devastating jackpotting ATM hack phenomenon finally starting to spread throughout the United States:
ATM hackers in Taiwan raked in more than $2 million using a new type of malware attack that manipulated machines into spitting out tons of cash. The method, dubbed “jackpotting,” quickly spread across parts of Asia, Europe, and Central America, resulting in tens of millions of dollars of stolen cash. By November 2016, the FBI issued a warning that “well-resourced and organized malicious cyber actors have intentions to target the US financial sector” using this approach. But it took a year for the attack to arrive stateside.
This week, the Secret Service began warning financial institutions about a rash of jackpotting attacks across the US, and the threat that more could be coming. In a jackpotting attack, hackers—often dressed as technicians to deflect suspicion—penetrate an ATM’s physical and digital security, install malware, establish remote access, and set it up to display an out-of-order screen. With those hardware and software modifications in place, another attacker can approach the compromised ATM and stand with a bag while co-conspirators remotely instruct it to dispense cash. In past incidents, law enforcement observed a cashflow rate of 40 bills every 23 seconds.
Diebold Nixdorf has to be one of the worst companies on the planet. This is the same company from years ago that had a host of issues with their voting machines and failed to take the appropriate action to fix their vulnerabilities.