We have seen it in the cinema and for many it is an unrealistic fantasy to find an ATM that starts to spit out more money than we have requested, without affecting the balance of our own accounts.
Well, a Russian cyber security company warned on Wednesday of a coordinated attack on several ATMs in Europ using malware or malicious software to make them spit money.
12 attacks per second in Latin America are threatened by this type of malware, All that, without anyone putting a card or typing a single key.
The attacks have been called “Touch less jackpotting“.
According to the Russian group IB, hackers access remotely information centers of the banks and there they install the program that allows them to configure several ATMs in such a way that they deliver money simultaneously and at predetermined times.
And, of course, other members of the organization are responsible for collecting this money, aka “mules”: they go to the tellers to pick it up.
“This technique does not involve any physical manipulation of ATMs, and in one fell swoop they have already scooped out over US $ 400,000” the group said in a report.
The countries affected by the attack were Armenia, Estonia, the Netherlands, Spain, Poland and the United Kingdom, but the company did not give details on these financial institutions.
“We have seen this type of coordinated attacks in Russia since 2013,” Dmitriy Volkov, who works for the BBC stated.
“The threat is serious: attackers access the internal network of banks gathering confidential information, which allows them to steal from those same banks,” Volkov added.
In a single maneuver
It is estimated that in Europe there are at least 410,000 ATMs. The country with the largest is the UK, with 70,000 and it is estimated that each of them can contain on average up to US $ 200,000 in cash.
For this reason manufacturers of ATMs and other banking equipment like Diebold Nixdorf and NCR Corp. are alert about this new form of theft.
“The attackers took this modality to a new level of being able to access several ATMs at once in a single maneuver,” said Nicholas Billet of the US firm Diebold Nixdorf.
“But what is more serious is that they know that they can be tracked quickly, so they execute the robbery with such precision that they withdraw money before we can shut down the machine or the bank blocks that ATM system,” he added.
Following the money
A recent Europol report warns of an alarming increase in the use of ATM Malware, but makes it clear that the most common fraud technique in cash dispensers is still skimming, or stealing user information first.
“The new method is being perpetrated by someone who has access to the central banking system and infects entire communities of ATMs simultaneously, thus multiplying the amount of money that can be stolen in a short time,” said Alan Woodward the cyber security expert from University of Surrey.
For Woodward, the method of collecting money, which is done personally, has made crime more difficult to track.
The classic way to solve financial crimes online is to follow the money, but when you can not do it, it’s very difficult to know who’s behind it.
Although the evidence suggests that it was a small group of people who started it.
Its OK to Share This Article