ATM hackers have for long used card numbers and online banking details to get millions of dollars from different victims. But that was in the past.
Today, the cyber criminals have developed ways of striking the source of the cash itself, the banks.
The trick is now to infect ATMs with malware that can reprogram the machines to spit out cash in millions.
The hackers set the pump-out to take place at an appointed time, and when that time comes they simply stand in front and get the money. This first one happened in Taiwan and Thailand earlier this year.
US banks are facing a similar threat. According to a warning released by the FBI, US banks face the same jackpotting threat. The agency is currently working on reports of well-organized cyber criminals attacking the US financial sector.
The revelations come from Russian cyber security company Group-IB, stating that various ATMs have been infected with malicious software in different countries all over Europe this year. The malware is designed to force cash out of ATMs at set times.
Diebold Nixdorf and NRC Corp, which are two of the world’s largest ATM manufacturers, have said they do know there is a looming threat and are doing everything they can to protect their customers.
The cyber criminals have been at it for five year now, targeting different ATMs with malware. The last hacking, however, focused on a small number of ATMs since they needed to be at the ATM physically to collect the money.
Group IB has so far not mentioned the affected banks although they did say the victims were located in Armenia, Bulgaria, Estonia, and Georgia. Others were from Belarus, Kyrgyzstan, Moldavia, Spain, and The Netherlands. The UK, Russia and Malaysia were also not spared.
Both Diebold Nixdorf and NCR have said they have given banks the necessary information to protect themselves from these attacks, according to a Reuters report.
“We have been working relentlessly with our customers, both those that have been affected and those that are still safe to come up with proactive solutions and strategies to keep the impact of these criminals to a minimum,” the global Marketing Director for NCR said.
The new revelations about the attack come just a few months after hackers who unleashed two large ATM hacks got away with $2.5 million from Taiwan’s First Bank, as well as 350,000 from Savings Bank, a Taiwanese bank owned by the Government.
Group-IB says the European attacks were carried out by a group named Cobalt. However, the FBI believes otherwise, placing the blame on the Russia-based ATM gang named Buhtrap according to Wall Street Journal reports.
But, there is another theory, and that is Cobalt is the same or at least linked to Buhtrap, says Group-IB after taking a close look at the tools and techniques employed by the groups.