Hackers Steal Millions From European ATMs Using Malware That Spit Out Cash


Nordnet Baritof
Nordnet Baritof
  • Technical Writer
  • Entrepreneur
  • Founder and CEO
  • Developer
  • Blogger and IT Analyst
2016-11-22 18:54:42

| Share
| Share
| Share
Hackers Steal Millions From European ATMs Using Malware That Spit Out Cash
ATM hackers who long relied on tactics of stealing payment card numbers and online banking credentials to steal millions are now targeting the bank itself to steal cash directly from the machines.

Earlier this year, a gang of cyber criminals infected several ATMs with malware in Taiwan and Thailand that caused the machines to spit out millions in cash, and the gang members then stood in front of the infected ATMs at the appointed hour and collected the money.

Now, the FBI has warned U.S. banks of the potential for similar ATM jackpotting attacks, saying that the agency is "monitoring emerging reports indicating that well-resourced and organized malicious cyber actors have intentions to target the U.S. financial sector."
 

ATM jackpotting is a technique used to force automated teller machines to spit out cash.

According to Russian cyber security firm Group-IB, cyber crooks have remotely infected ATMs with malware in more than dozen countries across Europe this year, which forces machines to spit out cash.

The world's two largest ATM manufacturers, Diebold Nixdorf and NCR Corp., said they were aware of the ATM attacks and had already been working with their customers to mitigate the threat.

The cyber criminals have been targeting ATMs for at least five years, but the latest hacking campaigns mostly involved small numbers of ATMs due to the fact that hackers required physical access to the machines to collect cash.
 

Group-IB did not name the banks targeted in the campaign but said the victims were located in Armenia, Bulgaria, Estonia, Georgia, Belarus, Kyrgyzstan, Moldova, Spain, Poland, the Netherlands, Romania, the United Kingdom, Russia, and Malaysia.

Both Diebold Nixdorf and NCR said they had already provided banks with information on how to thwart the attack, Reuters reported.
"We have been working actively with customers, including those who have been impacted, as well as developing proactive security solutions and strategies to help prevent and minimize the impact of these attacks," said Owen Wild, NCR's global marketing director for enterprise fraud and security.
The disclosure of the new campaign comes months after two large ATM hacks, wherein hackers stole $2.5 Million from Taiwan's First Bank and $350,000 from Thailand's state-owned Government Savings Bank.

While Group-IB believes the attacks across Europe were conducted by a single criminal group, dubbed Cobalt, the FBI believes the malicious software used in the attack could be linked to the Russian ATM gang known as Buhtrap, the Wall Street Journal reported.

However, citing the tools and techniques used by both groups, Group-IB believes that Cobalt is linked to Buhtrap, which stole 1.8 Billion rubles ($28 Million) from Russian banks between August 2015 and January 2016.
NSA of Israel Has One Of The Most Powerful Cyber Armies In The World
NSA of Israel Has One Of The Most Powerful Cyber Armies In The World
.
Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked

Out of those 30 million accounts, hackers successfully accessed personal information from 29 million Facebook users, though the company assured that t


Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
Google following your every move here is how to limit it

As it turns out, even when you opt to limit Google's ability to track your location when using its search function or apps, some of your time-stam


Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
HOW! Lets Users Modify Group Chats in Whatsapp to Spread Fake News with WhatsApp Flaw

WhatsApp, the most popular messaging application in the world, has been found vulnerable to multiple security vulnerabilities that could allow malicio


Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
Alert ! Godaddy Web hosting server hack

Besides Timehop, another data breach was discovered last week that affects users of one of the largest web hosting companies in Germany, DomainFa


Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
Stolen D-Link digital certificate malware

Digitally signed malware has become much more common in recent years to mask malicious intentions. Security researchers have discovered a new ma


Check If Your Accounts One of 30 Million Facebook Accounts Were Hacked
Google Blocks All Chrome Extension Installations From 3rd-Party

You probably have come across many websites that let you install browser extensions without ever going to the official Chrome web store. It's a g



© 2013-2019 best of geeks. All rights reserved.