For more than a decade now, hackers who want to make huge money in a short period of time have been targeting bank machines. They have planned to dispense millions of dollars simply by tricking the ATM with some sophisticated malware. Cyber security professionals have named these attacks jackpotting.
You may have seen something similar in a movie or an episode on the big screen, but be alert: jackpotting is real. In fact, the Secret Service has also observed a number of attacks on ATMs in various states of the United States of America. This widely spreading jackpotting is aimed at two particular machines, both made by Diebold, according to a renowned researcher, Brian Krebs.
The two targeted machines are the Opteva 500 and the Opteva 700. Both machines are smaller than regular ATMs. You can see these ATMs in stand-alone settings, particularly installed in grocery stores, department stores, shopping malls and drive-up locations.
Here’s how attackers are embedding the malware in the ATMs:
- The criminals arrive at the ATM, mostly dressed as ATM service technicians
- One criminal (mostly referred to as a money mule) drills a tiny hole in the front of the ATM in order to put a nano camera in it
- The camera lets them locate a diagnostic port on the ATM’s cash dispenser
- The criminals connect a cable to the port, link up a laptop or a MacBook, and then inject malware named Ploutus into the machine
- Another hacker operating from some remote place, or any of the perpetrators at the machine, then guides the machine to start leaking out users’ details
According to the report by Krebs, the criminals then instruct the machine to keep dispensing cash until the process is canceled or the machine is empty. This new crime is carried out with a great deal of coordination and is typical work of criminal groups. Security experts have observed such attacks in other countries in the past few years, but the attackers have started hitting ATMs in the United States of America only in the past few months. One of the main reasons behind this is that most of the bank machines are still running Windows XP and are highly vulnerable to such attacks.