ATMs across Europe Are Hacked Using Purpose-Built Black Boxes
Diebold Nixdorf has issued a warning of a wave of jackpotting attacks against ATM in a number of European countries, with the vast majority directed at ProCash 2050xe USB terminals.
Jackpotting attacks target ATMs to steal money from the machines. Other attacks use devices on ATMs to clone and steal credentials of regular customers, but jackpotting goes directly after the money. It’s a much more complex attack that requires knowledge of the ATM’s inner workings, and it’s much more challenging to pull off.
In these recent attacks, criminals destroy parts of the fascia to access the hardware, disconnect the USB cable between the CMD-V4 dispenser and the special electronics, or the cable between special electronics and the ATM PC. They then connect their black box and send commands to the machine, allowing them to dispense money.
The biggest problem with this method, aside from the theft, is that the attacker likely has access to the software stack or at least some part of it, which they use in their black boxes.
“Some incidents indicate that the black box contains individual parts of the software stack of the attacked ATM,” says the company in the advisory. “The investigation into how these parts were obtained by the fraudster is ongoing. One possibility could be via an offline attack against an unencrypted hard disc.”
So far, it looks like most attacks affected the ProCash 2050xe USB ATM, which means that the criminals might have access to the software stack for that specific model. In any case, the company advises banks to update the software stack to the latest versions, use a secure configuration of encrypted communications, and get the latest firmware for their devices.
Since this is also a physical attack, terminal operators are advised to frequently inspect the ATMs and control access to areas used by personnel to service them.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021