Banks across the country are on high alert as a new cybersecurity threat has been identified. Hackers are using a piece of malware on ATMs to make the machines spit out cash in what is called jackpotting. The software virus was identified by a company called NetSkope.
Netskope posted on its company blog:
“Netskope Threat Research Labs has discovered a new ATM malware, ATMJackpot. The malware seems to have originated from Hong Kong and has a time stamp on the binary as 28th March 2018. It is likely that this malware is still under development. Compared with previously discovered malware, this malware has a smaller system footprint, a very simple graphical user interface as shown in Figure 1 which displays the hostname along with the service provider information such as cash dispenser, PIN pad, and card reader information.”
Thieves are able to access the motherboards on an ATM, which is sometimes only protected by a small keyed door. A flash thumb drive is inserted into the motherboard and the virus downloads and cash is rapidly dispensed. According to the website Gizmodo, an ATM can spit out $2,500 in a minute. So far, the U.S. Secret Service, which is part of the Treasury Department, has reported scattered ATM jackpotting thefts of at least $1M across the United States. The thefts have been reported at banks, pharmacies and chain stores such as Target and Best Buy.