ATM machines are now under attack and a recent hack in systems in at least 14 countries including the UK and the Netherlands have been remotely hacked by an organised gang to spit out cash for rapid collection by the attackers.
Russian cyber security firm IB Group said that perpetrator of this ‘jackpotting’ of cash machines was an Eastern European hacking group known as Cobalt. ATMs in Malaysia, Belarus, Armenia, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, Poland, Romania, Russia and Spain were also affected. The company, however, declined to name any specific banks.
Named ‘touchless jackpotting’, the technique employed does not involve any physical change to ATMs. There are no card skimmers or modifications made to the machine. Instead, bank systems are infected using tools that are apparently widely available in public sources.
Group IB said in its report: “To make ATMs give out cash, criminals launch malware using the Extensions for Financial Services (XFS) standard. On command from the bank’s internal network, the program starts dispensing notes until machines are empty.”