ATM Jackpotting: Growing Concerns & Active Protections

The federal government is now warning financial institutions about jackpotting attacks.  So far, the Secret Service says, “cash-out crews” have targeted Diebold Nixdorf machines – specifically malware on Opteva models.  According to various published reports, criminals often use an endoscope to find the portion of the ATM that enables them to attach a cord that will sync the ATM’s computer to their laptop. The crooks are typically dressed as repair technicians so as to avoid drawing suspicion or attention.  Once they access the machine, customers only see an “Out of Service” notice on the screen and the machine is fully in the hands of the bad guys.  That means the machine can then spit out around two bills per second.  And that adds up fast.

In late January, the U.S. Department of Justice arrested and charged two Massachusetts men with hacking ATM machines.  Media reports say when searching the men’s vehicle, agents found tools and electronic devices as well as more than $9,000 in $20 bills.   But the investigation shows the machine may have dispensed as much as $50,000.

Some older model NCR ATMs or machines that have not been updated may be vulnerable. KSI, in partnership with NCR, offers security solutions to mitigate this particular type of attack.  Among the options: dispenser encryption, hard disk encryption, remote BIOS update and whitelisting.

To learn more, please contact your KSI sales representative or send us an email at info@kensmithinc.com.  We are ready to help.