The bank employee in the city of Freiburg, Germany, who noticed a bank ATM acting screwy one morning was greeted with a bizarre message on the control panel: “Ho-ho-ho! Let’s make some cutlets today!” That employee didn’t immediately realize it, but hackers had implanted malware in the ATM as part of a so-called “jackpotting” attack. The end result is like something you might see in a movie — the ATM spitting out a stream of cash until the machine is completely drained.
A joint investigation by Motherboard and a German news outlet has laid out some of the details of how hackers are increasingly going after machines with weak security and running outdated software. Regulators and legal sources, naturally, aren’t saying too much about the practice at this point, but not only are sources confirming that this kind of ATM attack is on the rise around the world, including in the US — but the implication is that banks are vulnerable and largely not prepared to deal with this.
Generally, attackers install the malware via an access point on the ATM, such as a USB outlet. The code is also surprisingly affordable; per Motherboard, hackers have been carrying out attacks around Europe using Russian software that costs $1,000.
You hear about an attack of this kind, software that can make an ATM spit out a stream of cash, and as we said, it sounds like a Hollywood version of how a malware attack is envisioned to take place. Unfortunately, this is very much a real-life scenario, with one source telling the reporters involved in the investigation that there are bad actors out there selling the code that makes this possible to basically whoever will pay up. And this also doesn’t seem to be limited to a particular corner of the world — “Potentially, this can affect any country,” according to cybersecurity expert David Sancho.
