Last month, the Federal Bureau of Investigation (FBI) warned US banks that their computers and networks could be under threat from cybercriminals “jackpotting” ATMs, or forcing them to spew out cash using malicious software. There have already been reports of this occurring in Taiwan, Thailand and across Europe, and the FBI believes that US banks are the next targets.
It is estimated that the malicious software used on ATMs has accounted for more than $300 million in losses. The FBI suspects that the group responsible for all of these attacks is a criminal group called Cobalt, which is linked to the Russian cyber crime gang, Buhtrap.
While in the past hacking ATMs required physical access to them, the recent attacks were carried out remotely using connected devices, such as smartphones. These attacks were well-timed and coordinated with gang members who would wait near the targeted ATMs to grab the money as soon as it started spitting out of the machines. The ATM hacks were conducted from central command centres allowing for a large number of ATMs to be targeted, rather than individual machines, in order to conduct widespread “smash and grab” operations to steal large amounts of money before the hacks were discovered.