Hackers target ATMs across Europe as cyber threat grows

 Home / Blog /0

Hackers target ATMs across Europe as cyber threat grows

Cyber criminals have remotely attacked cash machines in more than a dozen countries across Europe this year, using malicious software that forces machines to spit out cash, according to Russian cyber security firm Group IB.

Diebold Nixdorf and NCR Corp, the world's two largest ATM makers, said they were aware of the attacks and have been working with customers to mitigate the threat. The newly disclosed heists across Europe follow the hacking of ATMs in Taiwan and Thailand that were widely reported over the summer.

Although cyber criminals have been attacking cash machines for at least five years, the early campaigns mostly involved small numbers of ATMs because hackers needed to have physical access to cash out machines.

The recent heists in Europe and Asia were run from central, remote command centers, enabling criminals to target large numbers of machines in "smash and grab" operations that seek to drain large amounts of cash before banks uncover the hacks.

“They are taking this to the next level in being able to attack a large number of machines at once,” said Nicholas Billett, Diebold Nixdorf’s senior director of core software and ATM Security. “They know they will be caught fairly quickly, so they stage it in such a way that they can get cash from as many ATMs as they can before they get shut down.”

Group IB declined to name banks that were “jackpotted,” a term used to describe forcing ATMs to spit out cash, but said the victims were located in Armenia, Belarus, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, the Netherlands, Poland, Romania, Russia, Spain, Britain and Malaysia.Indeed, Dmitry Volkov, head of threat intelligence with Group IB, told Reuters he expects more heists on ATMs.


The ATM Security Association declined to comment on Group IB's findings.

Members of the group, which works to improve ATM security, include ATM maker Diebold Nixdorf (DBD.N) as well as banks ABN Amro (ABNd.AS), Bank of America Corp (BAC.N), Royal Bank of Scotland Group (RBS.L) and Wells Fargo & Co. (WFC.N).

Representatives of Europol, which coordinates investigations of cyber crimes across Europe, had no immediate comment.



Comments
Leave a Comment