ATM Jackpotting attacks have recently moved from Mexico to the United States. This relatively new phenomenon utilizes a malware known as Ploutus-D, which compromises components of a well-known multivendor ATM software to gain control of hardware devices such as the dispenser, card reader and pin pad – allowing thieves to dispense all the cash within the machine in a few moments. Due to the nature of ATM Jackpotting, this new threat has the potential to cause tremendous losses for financial institutions (FIs).
While the malware is currently used to primarily target Opteva front load and older Persona machines, the malware’s base components have the potential to also target ATMs from other manufacturers.
Protecting Your ATMs
Fortunately, there are measures banks and credit unions can take to help protect their machines.
- Update Software and Patches – Firewalls and anti-malware protection may be the best defense against an ATM Jackpotting attack. As such, it is extremely important to ensure every machine, and especially those at most risk, are fully updated with the latest, supported software.
- Whitelist – Whitelisting, or the practice of locking down the system to prevent the uploading of unauthorized programs and/or USB devices helps prevent malware entry into the ATM’s computer by automatically blocking anything unfamiliar. This process should be coupled with disabling boot and auto-run features.
- Passcode Update – Evaluate machines to ensure passcodes have been updated from the manufacturer’s defaults. Default passwords are often listed in the manual for each model…which is typically available for free online.
- Custom Keys – A quick online search for “universal ATM keys” pulls up a plethora of options for quick purchase. These keys are designed to open nearly any ATM enclosure…and the computer. Even if the vault remains secure with a non-standard password, the inner hardware is wide open for manipulation. Ensure each of your ATMs has one or more specially designed keys to limit access and thwart universal keys.
- Physical Security and Monitoring – With there are many hardware and software protections that can be implemented, many ignore the obvious aspect of their ATMs…physical interaction. Indoor placement, security cameras and technology to identify tampering and shut down the machine are all effective ways to help deter criminal activity.
ATM Jackpotting is now a growing threat throughout the United States with thieves attempting to attack the most vulnerable locations possible. As such, vigilance is key to ensuring your FI does not become a target. Experts suggest a thorough network evaluation and implementation of as many of the measures listed above as possible. A multi-layered approach is considered key.
FIs managing their own machines are encouraged to monitor the network for suspicious activities like unscheduled ATM disconnections or reboots. Those FIs working with partners to manage their ATM networks are encouraged to open a conversation with their providers about ATM Jackpotting and the steps being made to protect and prevent attack.
About the author
Paul Albright — A industry leader in the payments space for over 20 years, Paul serves as Executive Vice President with Outsource ATM, a full-service ATM management company that has been partnering with banks and credit unions since 2001. Connect with Paul on LinkedIn, follow him on Twitter or contact him via email.
