ATM-makers reveal hackers are targeting US machines

ATM manufacturers in the US are warning clients that their machines are being targeted by hackers.

Diebold Nixdorf Inc and NCR Corp, two of the world’s largest ATM makers, have cautioned that cyber criminals are targeting US cash machines with tools that force them to spit out money via hacking schemes.

The schemes are known as ‘jackpotting’. The companies did not disclose how much money has been lost to jackpotting nor did they identify any victims. 

NCR and Diebold Nixdorf sent out alerts to clients warning of the trend on Saturday.

NCR said that the cases were the first confirmed jackpotting losses in the US. The company added that its equipment has not yet been targeted.

‘This should be treated by all ATM deployers as a call to action to take appropriate steps to protect their ATMs against these forms of attack,’ the company said.

Jackpotting has been rising worldwide in recent years, though it is unclear how much cash has been stolen because victims and police often do not disclose details.

The attacks in the US were reported by security news website Krebs on Security, which said they began last year in Mexico.

Diebold Nixdorf said US authorities had warned it that hackers were targeting one of its ATM models called Opteva, which went out of production several years ago.

A confidential US Secret Service alert sent to banks said the hackers targeted stand-alone ATMs typically located in pharmacies and big-box retailers as well as drive-thru ATMs, Krebs on Security reported.

Diebold Nixdorf’s alert described steps that criminals had used to compromise ATMs.

They include gaining physical access, replacing the hard drive and using an industrial endoscope to depress an internal button required to reset the device. 

Russian cyber security firm Group IB has reported that cyber criminals remotely attacked cash machines in more than a dozen countries across Europe in 2016.

Similar attacks were also reported that year in Thailand and Taiwan.