The FBI is warning banks that hackers are targeting their ATMs.
According to Krebs on Security, which first reported the news, it would happen via an ATM cash-out scheme, a highly choreographed international fraud attempt. Thieves “hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours.”
The Federal Bureau of Investigation (FBI) learned of the scam, but not the exact details: it is supposed to happen sometime in the coming days, perhaps in tandem with a breach of a credit card issuer. It’s a type of attack known as an “unlimited operation.” In this scenario, a financial institution is compromised by malware so hackers can bypass traditional fraud limitations, exploit network access, and conduct massive theft of ATM funds. The hackers bypass controls and alter account balances so that, in essence, an unlimited amount of funds is available for withdrawal.
Typically, an ATM cash-out will happen over a weekend, often as banks are shutting down on Saturdays.
The FBI is urging banks to review their security practices, including their password requirements and whether multi-factor authentication is being employed, particularly for personnel with access to sensitive systems. Krebs on Security outlined other recommendations the FBI had for financial institutions as well. This includes things such as monitoring network traffic for unexpected connections or encrypted traffic over non-standard ports, as well as monitoring and auditing critical business accounts.
In a comment to CNN Money, the FBI said only, “In furtherance of public-private partnerships, the FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations.”
As of Tuesday, no reported hacks have been confirmed.