Hackers are using malicious software to target cash machines

The software forces machines to dispense cash remotely


Cyber criminals are using malicious software to hack into cash machines in countries across the world, forcing them to dispense cash to other criminals remotely.

The hack was discovered by Russian cyber security firm Group IB and has apparently been happening for the last five years, the company's research has revealed.

The first cash machines targeted were discovered in Taiwan and Thailand, but it seems attacks have been happening more regularly in Europe now too. They have increased in frequency too. Originally, hackers were only able to target small numbers of ATMs because they needed an accomplice to visit the cash machines to remove the money they were spitting out.

The commands were sent from centres in Asia and Europe, situated in remote locations to make the criminals hard to catch, with actors on the ground to snatch the sums of cash when it was dispensed. However, they've now become much larger-scale attacks as the criminal community has become aware of the hack.

Advertisement - Article continues below
Advertisement - Article continues below

"They are taking this to the next level in being able to attack a large number of machines at once," said Nicholas Billett, Diebold Nixdorf's senior director of core software and ATM Security. "They know they will be caught fairly quickly, so they stage it in such a way that they can get cash from as many ATMs as they can before they get shut down."

ATMs in Armenia, Belarus, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, the Netherlands, Poland, Romania, Russia, Spain, Britain and Malaysia have all been targeted using these "smash and grab" attacks and although banks are now wising up to the cyber attack, they are likely to continue until the software can be intercepted.

"We have been working actively with customers, including those who have been impacted, as well as developing proactive security solutions and strategies to help prevent and minimize the impact of these attacks," Owen Wild, NCR's global marketing director for enterprise fraud and security said.

The extent of the attacks can be seen in Group IB's research. It revealed $2.5 million was stolen from Taiwan's First Bank and $350,000 was taken from Thailand's Government Savings Bank in July.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Server & storage

Broadberry CyberServe R182-Z90 review: Gigabyte’s EPYC gamble pays off handsomely

7 Jan 2020
Microsoft Windows

GCHQ warns against Windows 7 for email, banking

13 Jan 2020