NewsFleet
  • Finance
  • Reviews
  • Buying Guides
  • Finance
  • Tech
  • Sports
  • Games
  • Security
  • Reviews
  • About us
  • Our Writers
  • Contact Us
SUBSCRIBE
  • Finance
  • Tech
  • Sports
  • Games
  • Security
  • Reviews
  • About us
  • Our Writers
  • Contact Us
No Result
View All Result
NewsFleet
No Result
View All Result
Home Security

The ‘malware’ that makes ATMs spit money out

by Torsten Keller
January 11, 2020
in Security
0
malware makes ATMs spit money out
Share on FacebookShare on Twitter

Many dream of a lottery millionaire prize; easy money raining from the sky. However, some do not believe in luck and have thought of getting better than differently.

They are cybercriminals or, rather, slightly more ingenious thieves than usual, who get ATMs to start spitting money. It’s the scam called jackpotting.

In November 2017, an employee of the bank in Freiburg, Germany, witnessed a surreal scene. As he approached his office ATM, he began to take out all the cash it contained. At the same time, on the screen appeared the animation of a chef cooking escalopes.

The curious episode was due to malware that produces the jackpotting effect. In English, the original name of the program is Cutlet Maker. It is also a Russian pun to indicate not only battered meat, but also a wad of banknotes. The malware must be inserted directly into the cashier’s hardware via a USB input located below the machine panel. In this way, it is possible to withdraw all effective content without the use of cards or other specific instruments.

CUTLET MAKER #ATM #malware offered for 5000 USD on darknet forum #infosec https://t.co/iV69mUe0wm pic.twitter.com/qcS7XwnCAq

— TEAM CYMRU (@teamcymru) October 18, 2017

What is jackpotting?

The name jackpotting comes from the distant 2010, when the first prototype malware of its kind was born. New Zealand hacker Barnaby Jack presented it during a hands-on demonstration on stage at the annual Black Hat cybersecurity conference. The audience present stood to be applauded when they saw the ATM literally starting to spit money while the image of a jackpot appeared on the screen.

Since then, the malware has evolved considerably, while Barnaby Jack died in strange circumstances. But this is another story. Lately, we have spoken again about jackpotting because, according to a survey conducted by the magazine ‘Motherboard’ and the German chain ‘Bayerischer Rundfunk’, the scam continues to reap casualties. In particular, in 2017 in Germany criminals would have managed to pocket one million euros. The Berlin authorities are talking about 36 cases recorded in the city since the spring of 2018.

One of the most affected banks in Germany would be Spain’s Santander and, in particular, the Wincor 2000xe ATM model, produced by Deibold Nixdorf. But it should be noted that they are not the only ATMs that the program can violate. As a representative of ATMIA (ATM Industry Association) told ‘Vice’ magazine: “Globally, in 2019, our research indicates an increase in jackpotting attacks.”

Cutlet Maker is a not very complex software, available on the TOR network for about a thousand dollars. However, this technique has become quite obsolete and only works with old machines. This is why today the attacks affect much more of Latin America, Southeast Asia and the United States. ATMs in these countries support older technologies and are easier to hack. Basically, they are old computers equipped with Windows.

ATMs are safer in Europe

While the use of this malware is still widespread in other parts of the world, the best European standards for banking security have paid off. To be effective, jackpotting must be physically inserted into the hardware, a complicated operation with the current armored structures and you almost always need an accomplice inside the office. Most banks in Europe have already taken precautions, both through the use of physically protected ATMs and cybersecurity software capable of detecting the presence of the malicious program.

Without having completely disappeared, this kind of action in Europe is already quite rare compared to other parts of the world. According to the EAST (European Association for Secure Transactions), in the first six months of 2019 the successful attacks carried out through jackpotting or malware techniques have been only 35. And of these, criminals have taken out a pittance of 1,000 euros in total. In short, the association says, for the second year in a row in Europe there has been a substantial failure of this technique.

But no one here is left with their arms crossed. Although jackpotting is still circulating, criminals who want to empty ATMs are changing their techniques. For many years, the first culprit, both by number of attacks and by the amount of money stolen, was the infamous skimmer, a device capable of reading and, in some cases, storing, the magnetic stripe data of credit cards. However, the most popular technique today is Transaction Reversal Fraud (TRF).

The other techniques for stealing money from the ATM

The TRF exploits the system bugs from ATMs and is much more effective than malware, as there is no need to have great tools to force the machine. The technique is to withdraw money with a card normally registered. Once the machine returns the card, waiting for the tickets to be issued, the offender forcibly keeps the card in the slot for the operation to be cancelled. In this way, the money is returned to the owner’s account. At the same time, with any instrument, such as a spatula or a screwdriver, the thief can force the window from which the banknotes are issued.

The money, in fact, is still in that compartment, as it was about to be issued before the transaction was cancelled. Therefore, the criminal manages to withdraw, by force, the banknotes, even though that sum has been charged back into his account. Attacks of this type are becoming more frequent and are replacing malware as they are much easier to carry out.

These two techniques, skimmer and TRF, cost European banks between 250 and 350 million euros each year. And for thieves they have the advantage of leaving no traces, so they can be carried out many times. The EAST warns that TRF attacks have become the predominant form of fraud at European ATMs, with more than 5,000 cases in the first half of 2019, compared to just under 2,000 in the past year, and account for 45% of all ata committed.

ShareTweetShare
Torsten Keller

Torsten Keller

Torsten is our world news & tech expert, mainly focusing on the latest events in US, Europe and Asia. He also loves writing business editorials, finance with proper market research, while staying informed about the latest developments in trending topics.

Email: [email protected]
2275 Deer Haven Drive, HAMMOND MT, 59342
874-370-5224

Related Posts

how to find Android is stolen or misplaced
Security

What to do if your Android is stolen or misplaced? Look at this solution

January 5, 2020
wifi wps
Security

How safe is it to use Wifi Protected Setup?

December 22, 2019
Android phone secure
Security

Is your Android phone secure?

March 29, 2019
About Anti Spyware
Security

The secrets about Anti Spyware that has never been revealed

December 28, 2018
Next Post
laliga

LaLiga's other big business: more than 100 million followers

Recent Posts

  • How to find out if the Internet is working properly on your Xiaomi phone with the MIUI
  • How to detect fraudulent applications on Android
  • Greedfall’s parents announce Steelrising, a game about automatons and the French Revolution
  • How to move all your photos from Google Photos to Microsoft OneDrive or Flickr
  • Alternatives to Google applications that don’t need the Google Services

Recent Comments

    • About Us
    • Advertise
    • Privacy & Policy
    • Cookies Policy
    • Contact Us

    NEWSFLEET, 1692 Grant View Drive, OSCEOLA Missouri, 64776
    © 2011 NewsFleet – All Rights Reserved.

    No Result
    View All Result
    • Home
    • Finance
    • Tech
    • Sports
    • Games
    • Security
    • Reviews
    • About us
    • Our Writers
    • Contact Us

    © 2011 NewsFleet - All Rights Reserved.

    This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.