Security & Fraud

ATMs Are Spontaneously Vending Cash (Thanks, Hackers)

Why make one’s life hard hacking consumer accounts — or taking up armed robbery — when one can get the best of both worlds by directly attacking the banks’ computers and getting ATMs to do things like start spewing cash for no apparent reason?

Taiwan and Thailand saw such attacks earlier this year when cyber criminals programmed bank ATMs to spew cash. Gang members knew when the cashsplosion was coming — and stood in front of the machines ready to scoop up millions of dollars in ill-gotten gains. In Taiwan, Taipei city police got reports of currency lying on a First Commercial Bank ATM in the city’s Da’an Precinct. Reports of loose cash at other ATMs soon followed.

And lest one think it can’t happen here in the U.S. — know the FBI does not agree and thinks U.S. banks could easily be in line for similar attacks. The FBI said in a bulletin that it is “monitoring emerging reports indicating that well-resourced and organized malicious cyber actors have intentions to target the U.S. financial sector.”

The FBI report pointed at software used by a Russian gang known as Buhtrap.

The FBI said hackers broke into both the Taiwan and Thailand banks with fraudulent “phishing” emails disguised to look like messages from ATM vendors or other banks. Those emails allowed cybercriminal gangs to infect banks computers with a modded version of the Buhtrap malware.

This attack is one in a line of recent attacks that have seen criminal retargeting their activity away from consumers and toward institutions themselves.

“These guys, who could have been in the past just gone after consumers…are breaking into financial institutions,” said Eric Chien, technical director of Symantec Corp.’s Security Technology and Response division.

Investigators say a small corps of elite hacking groups is carrying out the attacks.

“The skill level to create the malware for the actual network intrusions is a step up,” from more common ATM crimes, said Robert McArdle, a security researcher with antivirus vendor Trend Micro Inc.




Latest Insights: 

The Which Apps Do They Want Study analyzes survey data collected from 1,045 American consumers to learn how they use merchant apps to enhance in-store shopping experiences, and their interest in downloading more in the future. Our research covered consumers’ usage of in-app features like loyalty and rewards offerings and in-store navigation, helping to assess how merchants can design apps to distinguish themselves from competitors.

Click to comment


To Top