Malware attacks against computers or phones are very common these days. But what about malware in ATM? It may sound unusual and weird, but thanks to cybercriminals it is now a truth as a bank employee in the city of Freiburg, Germany noticed an ATM acting screwy.
After a joint investigation by Motherboard and the German broadcaster Bayerischer Rundfunk (BR), it was revealed that a major cybercrime campaign that used so-called jackpotting attacks was behind this ATM malware incident.
The bank employee noticed that one morning the ATM was greeted with a bizarre message on the control panel, stating that "Ho-ho-ho! Let's make some cutlets today!"
Even though the employee did not understand what happened exactly, hackers planted malware in the ATM as part of the "jackpotting" attack which allowed the machine to spit out cash continuously until it completely became empty.
The investigation revealed how the hackers are increasingly targeting ATM machines which have weak security and running outdated software. It should be noted that these kind of attacks are currently rising in several parts of the world, including the US.
How hackers launch malware attacks against ATM machines:
As per the cybersecurity company Malwarebytes this kind of attack can use several different types of malware, including Ploutus, Anunak/Carbanak, Cutlet Maker, and SUCEFUL.
In this case, stolen credit cards are not required. The threat installs the malware onto an ATM by opening a panel on the machine to gain access to a USB outlet.
US, Latin America and Southeast Asia have faced jackpotting attacks in recent years. As reported the hackers have been carrying out these attacks in Europe by using Russian software that costs $1,000.
In 2010, at the annual Black Hat cybersecurity conference, a late researcher Barnaby Jack showed his the reality of his own strain of ATM malware. Once the malware was successfully deployed to the ATM machine, the word "JACKPOT" popped up on the screen as the machine started releasing money.