Secret Service Quietly Warns Banks: Hackers Can Now ‘Jackpot’ ATMs, Drain All Cash In Minutes

True Pundit

ATM “jackpotting” — a sophisticated crime in which thieves install malicious software and/or hardware at ATMs that forces the machines to spit out huge volumes of cash on demand — has long been a threat for banks in Europe and Asia, yet these attacks somehow have eluded U.S. ATM operators. But all that changed this week after the U.S. Secret Service quietly began warning financial institutions that jackpotting attacks have now been spotted targeting cash machines here in the United States.  

To carry out a jackpotting attack, thieves first must gain physical access to the cash machine. From there they can use malware or specialized electronics — often a combination of both — to control the operations of the ATM.

On Jan. 21, 2018, KrebsOnSecurity began hearing rumblings about jackpotting attacks, also known as “logical attacks,” hitting U.S. ATM operators. I quickly reached out to ATM giant NCR Corp. to see if they’d heard anything. NCR said at the time it had received unconfirmed reports, but nothing solid yet.

On Jan. 26, NCR sent an advisory to its customers saying it had received reports from the Secret Service and other sources about jackpotting attacks against ATMs in the United States.

“While at present these appear focused on non-NCR ATMs, logical attacks are an industry-wide issue,” the NCR alert reads. “This represents the first confirmed cases of losses due to logical attacks in the US. This should be treated as a call to action to take appropriate steps to protect their ATMs against these forms of attack and mitigate any consequences.”

The NCR memo does not mention the type of jackpotting malware used against U.S. ATMs. But a source close to the matter said the Secret Service is warning that organized criminal gangs have been attacking stand-alone ATMs in the United States using “Ploutus.D,” an advanced strain of jackpotting malware first spotted in 2013.


True Pundit

5 thoughts on “Secret Service Quietly Warns Banks: Hackers Can Now ‘Jackpot’ ATMs, Drain All Cash In Minutes

    1. My thoughts exactly, Mary, and that causes me to question whether this story is even true.

      I went to the source link to read the entire story, and it sounded shady to me, especially where the comments were answered by these alleged security experts. (nonsense about the cash being used to fund terrorism, in particular, but the explanation of how this is done didn’t really make sense to me, either).

      I think this is a move toward going cashless, which I’ve heard was a big topic of discussion at Davos, too. The timing is perfect, because more people are wanting their cash, it just isn’t there, and now we hear this dubious story about ATMs being drained.

      It all sounds like BS to me.

  1. “The NCR memo does not mention the type of jackpotting malware used against U.S. ATMs.”

    If, as JR pointed out, this is even true, then that is totally irrelevant.

    Kill one malware bug, there will be two more to take its place.

    The next day.

Join the Conversation

Your email address will not be published. Required fields are marked *