Cybercriminals Can Hack ATM While You Are Withdrawing Money


 Security at ATMs is usually associated with protection measures against attempted physical theft or scams. However, in Spain, the alert has already been raised about several cases of remote security breaches at the hands of cybercriminals. 


Specifically, several cases of 'jackpotting' have been reported, a type of attack that turns ATMs into 'banknote sources'. Hackers typically use up to four different types of attacks to steal money from an ATM, and at the moment, little brakes can be put on it.


Hackers are aware of the weaknesses of these machines, and use all their tools to overcome them, according to Check Point, a company specialized in cybersecurity worldwide, explains in a study. The operating system is one of them since tellers generally use old versions that are completely unprotected against current malware.


" Despite what it may seem, hacking an ATM is relatively simple since they usually do not have protection tools against cyberattacks, " Eusebio Nieva, Check Point's technical director for Spain and Portugal, tells OMICRON. However, Nieva explains that a good part of the success of the hackers is due to "errors in the configuration of the systems, the lack of updates or, even, failures in the physical security that allow the hacker to access the ATM," he detailed Snows.



Direct To Server 



The large amounts of money that cybercriminals can access makes hacking an ATM a highly coveted target for its high profitability in a short time.  One of the most used attacks is the so-called Man-in-the-Middle. Like many other electronic devices, ATMs are connected to the Internet. A connection that hackers take advantage of by tapping the data traffic between the ATM and its server.



In this way, the cybercriminal takes control of the operations carried out by an ATM, in addition to collecting a large amount of information from users, such as bank credentials or their full names. "This type of attack does not go against the user, but against the bank itself. For that reason there are certain 
factors that these entities must protect, such as central communication," Nieva explained.  



The Spoofing is another type of cyberattack that puts the focus on the processing centre ATMs, which is responsible for validating all operations are carried out: since the withdrawal of cash transfers. 


The hacker must manage to disconnect the ATM from the bank's network to take control of the activities he performs.  Once successful, you can access large amounts of money by simply entering a card or PIN code, making the transaction appear legitimate by impersonating the bank's users.



A Fake Technician

The third technique that hackers use the most has to do with malware, which introduces it into ATMs in two ways.  The first one is in person, with an infected USB in the ATM rack; the other is achieved by attacking the bank's network and downloading the malicious program directly onto the machine.   






By installing the malicious program on them, hackers can send commands to the cashier to withdraw the money until its capacity is exhausted.  "The operating systems installed in ATMs do not have protection against these types of threats. Banks must update them, since some are even more than 10 years old, such as Windows NT. Microsoft does not even support this operating system that can be found in some of these. There is no protection software, "warns  Nieva.



Finally, hackers also carry out 'jackpotting', a type of attack for which it is necessary to have physical access to the inside of the ATM, and for this reason in the vast majority of occasions they pose as maintenance technicians.  Once achieved, the hackers connect a kind of black box that can be controlled through a mobile phone to a USB port on the computer, which allows total control of the ATM and all the money it stores.  


Hackers reconfigure the software to get the ATM screen to display an 'out of service' message, although the device allows you to withdraw money. Using a smartphone, hackers can send an order to the cashier to eject all the money immediately.  


When finished, the cybercriminal uninstalls the black box to leave no evidence. "With this attack, the hackers get the machine to start 'spitting money' and then use mules, which take a percentage, to collect the bills. Even this technique can be used while a user withdraws money, making him believe that The cashier does not take out the tickets due to a mistake so that, once he leaves, a mule can take them ", Nieva explained.



Measures To Avoid It

Banks should also carry out a series of measures with which to protect the ATM, such as "verify what software is running and if the versions are not correct, automatically disable the ATM; or that the connection with the centre is always encrypted Through a robust VPN. Even a simple measure would be to encrypt the ATM's hard drive so that if someone takes it, they cannot extract information from there, "Nieva said.  


It is also important that ATM manufacturers tailor the software to a particular bank and anticipate attackers. "On some occasions, it has been seen that the computers of bank employees are more protected than the software that is running through the ATM. For different reasons, but mainly because the operating system is so old that modern security measures are not manufactured for such systems ", Nieva concluded. For their part, users can always enable bank notifications to know all the movements of their accounts and thus be aware of everything to avoid any unpleasant fright or surprise.       



You may like The centre seat will stop being an ordeal on aeroplanes with this new design The plan to dump nearly 7 trillion tons of artificial ice in Antarctica to delay thaws Slow WiFi: why it happens and how to fix it Nissan is ahead of Tesla and Rivian with an electric van with 400 km of autonomy What's behind the hacker attacks on WhatsApp: this is Pegasus, the most dangerous spyware of the moment Airbus presents a plane with the wings of a bird of prey, the future of aviation?    



The most read Here are the 12 best dishwasher detergents under $ 10: ... Here are the 12 best dishwasher detergents under $ 10: ...  The scandal of the 777 government advisers: they cost 38% more e ... The scandal of the 777 government advisers: they cost 38% more e ...  Ayuso misplaces Sánchez and Married with the virus but goes up in the polls: ... Ayuso misplaces Sánchez and Married with the virus but goes up in the polls: ...  Riots and violence spread throughout Spain with the touch ... Riots and violence spread throughout

Previous Post Next Post

Found this article interesting? Follow Hackers Review on Facebook, Twitter  and Telegram to read more exclusive content we post.