Hackers are using malicious software to target cash machines

The software forces machines to dispense cash remotely


Cyber criminals are using malicious software to hack into cash machines in countries across the world, forcing them to dispense cash to other criminals remotely.

The hack was discovered by Russian cyber security firm Group IB and has apparently been happening for the last five years, the company's research has revealed.

Advertisement - Article continues below

The first cash machines targeted were discovered in Taiwan and Thailand, but it seems attacks have been happening more regularly in Europe now too. They have increased in frequency too. Originally, hackers were only able to target small numbers of ATMs because they needed an accomplice to visit the cash machines to remove the money they were spitting out.

The commands were sent from centres in Asia and Europe, situated in remote locations to make the criminals hard to catch, with actors on the ground to snatch the sums of cash when it was dispensed. However, they've now become much larger-scale attacks as the criminal community has become aware of the hack.

"They are taking this to the next level in being able to attack a large number of machines at once," said Nicholas Billett, Diebold Nixdorf's senior director of core software and ATM Security. "They know they will be caught fairly quickly, so they stage it in such a way that they can get cash from as many ATMs as they can before they get shut down."

Advertisement - Article continues below
Advertisement - Article continues below

ATMs in Armenia, Belarus, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, the Netherlands, Poland, Romania, Russia, Spain, Britain and Malaysia have all been targeted using these "smash and grab" attacks and although banks are now wising up to the cyber attack, they are likely to continue until the software can be intercepted.

"We have been working actively with customers, including those who have been impacted, as well as developing proactive security solutions and strategies to help prevent and minimize the impact of these attacks," Owen Wild, NCR's global marketing director for enterprise fraud and security said.

The extent of the attacks can be seen in Group IB's research. It revealed $2.5 million was stolen from Taiwan's First Bank and $350,000 was taken from Thailand's Government Savings Bank in July.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now



University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020

How to find RAM speed, size and type

24 Jun 2020
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020