In TV shows and movies, sometimes you see how ATMs can be hacked where it just spits out all the money in its reserve. This is actually a real-life hack known as “jackpotting” and is prevalent in regions like Europe and Asia, and now it seems that it has started to creep into the US as well.This is according to a report from KrebsonSecurity in which the report revealed that the US Secret Service has started to quietly warn financial institutions such as banks that jackpotting attacks have started to target ATMs in the US. The publication also confirmed with ATM giant NCR Corp. who claims to have received reports from the Secret Service and other sources about the problem.
In a confidential Secret Service alert obtained by KrebsonSecurity, “The targeted stand-alone ATMs are routinely located in pharmacies, big box retailers, and drive-thru ATMs. During previous attacks, fraudsters dressed as ATM technicians and attached a laptop computer with a mirror image of the ATMs operating system along with a mobile device to the targeted ATM.”
They also note that ATMs running on Windows XP are particularly vulnerable, which back in 2014 was discovered to be powering 95% of ATMs. Presumably those numbers are very different today, but it still highlights how there are some that have yet to make the upgrade. The memo is also advising ATM operators to update to at least Windows 7 to protect themselves against such attacks.