ATM makers Diebold Nixdorf and NCR have recently warned the public that hackers may be targeting US cash machines with tools that force them to spit out cash in a hacking schemes known as “jackpotting.”
According to a Reuters report, though its nickname evokes big wins, “jackpotting” is instead a malicious cyber-attack that uses malicious software to enable hackers illegally gain control of ATMs.
The two ATM makers did not identify any victims or say how much money had been lost. The attacks were reported earlier on Saturday by the security news website Krebs on Security, which said they had begun last year in Mexico.
Jackpotting has been rising worldwide in recent years, though it is unclear how much cash has been stolen because victims and police often do not disclose details.
Reports by Krebson Security highlighted that the cybercrime has long been a threat for banks in Europe and Asia. It also noted that the US Secret Service has quietly began warning financial institutions that jackpotting attacks have been targeting stand-alone ATMs typically located in pharmacies, big box retailers and drive-thru ATMs.
NCR said in a Friday alert that the cases were the first confirmed “jackpotting” losses in the United States. It said its equipment had not been targeted in the recent attacks, but that it was still a concern for the entire ATM industry.
“This should be treated by all ATM deployers as a call to action to take appropriate steps to protect their ATMs against these forms of attack,” the alert said.
Meanwhile, Diebold Nixdorf said in a separate alert that US authorities had warned the company that hackers were targeting one of its ATM models, known as Opteva, which went out of production several years ago.
Diebold Nixdorf’s alert described steps that criminals had used to compromise ATMs. They include gaining physical access, replacing the hard drive and using an industrial endoscope to depress an internal button required to reset the device.
Russian cybersecurity firm Group IB has reported that cyber criminals remotely attacked cash machines in more than a dozen countries across Europe in 2016. Similar attacks were also reported that year in Thailand and Taiwan.