First ‘Jackpotting’ Attacks Hit U.S. ATMs

From Krebs on Security

ATM “jackpotting” — a sophisticated crime in which thieves install malicious software and/or hardware at ATMs that forces the machines to spit out huge volumes of cash on demand — has long been a threat for banks in Europe and Asia, yet these attacks somehow have eluded U.S. ATM operators. But all that changed this week after the U.S. Secret Service quietly began warning financial institutions that jackpotting attacks have now been spotted targeting cash machines here in the United States.
To carry out a jackpotting attack, thieves first must gain physical access to the cash machine. From there they can use malware or specialized electronics — often a combination of both — to control the operations of the ATM.

On Jan. 21, 2018, KrebsOnSecurity began hearing rumblings about jackpotting attacks, also known as “logical attacks,” hitting U.S. ATM operators. I quickly reached out to ATM giant NCR Corp. to see if they’d heard anything. NCR said at the time it had received unconfirmed reports, but nothing solid yet.

On Jan. 26, NCR sent an advisory to its customers saying it had received reports from the Secret Service and other sources about jackpotting attacks against ATMs in the United States.

“While at present these appear focused on non-NCR ATMs, logical attacks are an industry-wide issue,” the NCR alert reads. “This represents the first confirmed cases of losses due to logical attacks in the US. This should be treated as a call to action to take appropriate steps to protect their ATMs against these forms of attack and mitigate any consequences.”

So am I the only one learning about this kind of attack for the first time and incredibly curious about what is required as far as hardware and software are concerned? I bet some of you are trying to think of which ATMs in their area they could have undisturbed physical access to.

Leave your thoughts in the comments below.

Follow @contentjunkie to stay up to date on more great posts like this one.

They hit the jackpot.

This is pretty scary to me from multiple view points from the safety of my own money held at these banks and if these thieves can easily withdraw funds from customer accounts as well AND from the perspective of being and employee at a bank where theft negatively impacts the business thereby negatively impacting my livelihood if a small bank like mine was hit and had to either layoff people as a result of it or cut pay / cut incentives or annual performance compensation to compensate for lost money from thefts. Very interesting thing to keep a close eye on. I hope it doesn't happen anywhere again in the US any time soon!

... or like when Zuckie speaks out against crypto... Jackasspotting !!

Given we all take care when inserting a USB stick on our computer...I've wondered for a long time why "bad guys" had not programmed their own bank-cards & then 'infected' an ATM.

Seems they have done it, just seems news getting out is slow....
ummm I wonder why that is? :-)

Thieves are always 2 or 3 steps ahead. If they upgrade their system, these thieves will always find a way to hit that JACKPOT!

This nice post.. i like your post.. thanks for sharing technology news..

wooow okay it's a friend

This, This could very very well be simply another cooked up in-house formulaic reason, a inside job excuse for them to try and make complaints to get society to go cashless! I would not be surprised if it was fake. Watch them use this as the excuse to get rid of cash!! Watch it happen!

You got a 4.92% upvote from @postpromoter courtesy of @contentjunkie!

Want to promote your posts too? Check out the Steem Bot Tracker website for more info. If you would like to support the development of @postpromoter and the bot tracker please vote for @yabapmatt for witness!

This post has received gratitude of 3.01 % from @appreciator thanks to: @contentjunkie.

Thank you contentjunkie for making a transfer to me for an upvote of 6.17% on this post!

Half of your bid goes to @budgets which funds growth projects for Steem like our top 25 posts on Steem!

The other half helps holders of Steem power earn about 60% APR on a delegation to me!

For help, will you please visit https://jerrybanfield.com/contact/ because I check my discord server daily?

To learn more about Steem, will you please use http://steem.guide/ because this URL forwards to my most recently updated complete Steem tutorial?