- Wanda Sykes rails against Trump and offers much-needed perspective in ‘Not Normal’ 2 Years Ago
- Man arrested after allegedly threatening to shoot YouTube employees 2 Years Ago
- House Democrats net neutrality strategy shifts month after passing major bill Today 1:40 PM
- Thousands sign petition calling for Danny DeVito to play Wolverine Today 1:02 PM
- Jason Mitchell fired from ‘Desperados’ and ‘The Chi’ after misconduct allegations Today 12:36 PM
- Police raid Black woman’s house after white neighbor complains about loud Malcolm X speeches Today 12:20 PM
- ‘Transfixed’ says it’s a ‘breakthrough’ series, but it still fetishizes trans bodies Today 11:04 AM
- Senator proposes Do Not Track bill to allow consumers to opt out of data gathering Today 10:54 AM
- The Queen of the North likes to Juul Today 10:36 AM
- Nearly half of Juul’s Twitter followers can’t legally buy the product, study says Today 10:26 AM
- New Facebook Messenger scam tricks people into thinking they donated to ISIS Today 10:26 AM
- Film meme mocks ‘brilliant’ Daenerys shot in ‘Game of Thrones’ finale Today 10:13 AM
- YouTube love triangle: ProJared’s mistress Commander Holly makes startling accusations Today 10:05 AM
- Middle schoolers investigated for allegedly serving semen crepes to teachers Today 10:04 AM
- Memelord from Reddit’s r/The_Donald joins Trump onstage at rally Today 9:23 AM
A report from Trends Micro says there is a shift in the ATM malware landscape from attacks that require physical instruments to network-based approaches. Instead of using skimmers, USB-ports, or CD drives to infect a machine, hackers are now infiltrating a bank’s internal networks to gain access to ATM funds.
The steps in these attacks aren’t unlike the many cyberattacks we’ve seen over the past few years. Hackers first send malware using an email phishing scam to a company’s weakest link—its error-prone human employees—before stealing admin credentials and hacking into networks. Once that’s complete, criminals can gain remote access to ATMs and start dispensing cash.
A benefit of using remote attacks is that any ATM connected to the compromised network can be attacked, unlike a physical attack which requires targeting a single machine at the most opportune time. Hackers can even attack multiple machines simultaneously, spewing out money to cash mules who act like they’re making a standard transaction. Some malware even has self-deleting properties, making it nearly impossible to trace back to the source.
Trends Micro says it worked with European Cybercrime Center (EC3) to examine how network-based attacks have developed over time. The internet security company presented the Ripper case as one of the most damaging examples. In 2016, hackers stole more than 12 million baht, or around $350,000, in Thailand from 21 ATMs. Around 10,000 machines were vulnerable to the attack.
“It could be that these are regular criminal groups that already had access to the bank’s network and eventually realized that they could hop onto the ATM network,” Trends Micro writes. “In Ripper’s case, though, it shows that some of these criminals are specifically looking for the ATM network as a target and not stumbling upon it by mere chance. These gangs have both the inclination and the technical knowledge to target these machines over any other resources of the targeted bank.”
The report explains that hackers have two main objectives when going after an ATM: to either empty its cash out or collect payment card data while people are using them, similar to a skimmer. Network-based attacks are much more complicated than physical attacks, but often lead to higher payouts.
Attacks using remote methods have not been reported in Europe or the United States, but Trends Micro and EC3 believe it is “probably going to consolidate in 2017 and beyond.”
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.