Hitting the jackpot in an arcade game is enormous fun. You stand there grinning as the tickets keep pouring out. And then you get to choose a cool prize to take home. Scammers recently gave this awesome win a sinister twist by bringing the jackpotting mechanism to Automatic Teller Machines (ATM). This doesn't mean you can ask for $20; the machine will start spitting out hundreds instead. But it does spell trouble for ATMs and their owners throughout the country. Find out what the ATM Jackpot scam is and how to protect yourself.
Jackpotting attacks on ATMs have been spreading through Europe and Asia for some time. The Secret Service recently sent an alert warning that the ATM Jackpot scam has reached the United States.
Brian Krebs reported the alert, citing several sources and cautioning the public to be aware and careful of these attacks.
First, an attacker performs basic scouting to find a way into the ATM. They usually target models with front-facing panels because they're easier to access. Thieves have been posing as ATM technicians to avoid detection and gain easy access to the machines. They've also been using medical endoscopes to reach the insides of the ATMs.
Once the vulnerable area within the ATM is determined, the scammers attach their computers to mirror the ATM's software. The thieves will now install malware, which conveniently places the ATM under their control. At this point, the ATM will appear out of service for users, so scammers can force the machine to do their bidding remotely.
The criminals' final step in this hack is to program the ATMs to spit out piles of cash and send "money mules" to collect the cash for them.
Alternately, scammers may quietly bide their time and only take action a few days, or even a week, later. They will then return to the compromised ATM and program it to dispense all of its cash immediately, which they will promptly pocket. And now you know what the ATM Jack is.
Krebs' report suggests that Ploutus D, the malware used in these attacks, has been widely used in ATM hacks since 2013. However, this claim has not been verified.
This past spring, researchers working in Kaspersky Lab wrote about three relatively simple ways fraudsters can hack and remotely control ATMs. Krebs believes the scammers can use any of these methods or Ploutus D.
While every ATM in the country is at risk of being attacked, the fraudsters appear to target Diebold Nixdorf-made ATMs.
The Secret Service alert also warns that ATMs running Windows XP are "particularly vulnerable" and should be updated immediately. Unfortunately, though the Windows XP Embedded support ended more than two years ago, many ATM owners neglect to install updates as advised, placing their machines at greater risk for hacks.
ATM jackpotting targets the machine's owners and generally does not affect the common citizen. However, you can do your part to stop these crooks by reporting any suspicious activity you see near an ATM.
Did you spot a technician who looks out of place? Is an ATM that worked just fine yesterday suddenly out of service? If so, alert the local authorities so they can take appropriate action.
While jackpotting might be relatively new to the U.S., and it's not yet clear how widespread these attacks are, it's always a good idea to exercise caution when using an ATM in a public setting. Here are some tips to remember the next time you use an ATM:
While we are glad that this ATM Jackpot Scam does not affect your personal accounts, it is still awful. If you see anything suspicious, call your bank, the police, or your local authorities. If you like this post, check out our other fraud and scam alerts on our MoneySmart Tips Blog.