The Secret Service quietly warned banks in January that gangs were targeting stand-alone ATMs made by vender Diebold Nixdorf. Hackers are using a piece of malware on ATMs to make the machines spit out cash in what is called jackpotting. The software virus was identified by a company called NetSkope.
“Netskope Threat Research Labs has discovered a new ATM malware, ATMJackpot. The malware seems to have originated from Hong Kong and has a time stamp on the binary as 28th March 2018. It is likely that this malware is still under development. Compared with previously discovered malware, this malware has a smaller system footprint, a very simple graphical user interface as shown in Figure 1 which displays the hostname along with the service provider information such as cash dispenser, PIN pad, and card reader information.”
All the theft has to do is access the motherboard on an ATM, which is only protected by a small keyed door, and they insert a flash drive and the virus downloads dispersing cash, up to $2,500 per minute without even using debit card.
So far, the U.S. Secret Service, which is part of the Treasury Department, has reported scattered ATM jackpotting thefts of at least $1M across the United States. The thefts have been reported at banks, pharmacies and chain stores such as Target and Best Buy.