Hackers are using malicious software to target cash machines

The software forces machines to dispense cash remotely

ATM

Cyber criminals are using malicious software to hack into cash machines in countries across the world, forcing them to dispense cash to other criminals remotely.

The hack was discovered by Russian cyber security firm Group IB and has apparently been happening for the last five years, the company's research has revealed.

Advertisement - Article continues below

The first cash machines targeted were discovered in Taiwan and Thailand, but it seems attacks have been happening more regularly in Europe now too. They have increased in frequency too. Originally, hackers were only able to target small numbers of ATMs because they needed an accomplice to visit the cash machines to remove the money they were spitting out.

The commands were sent from centres in Asia and Europe, situated in remote locations to make the criminals hard to catch, with actors on the ground to snatch the sums of cash when it was dispensed. However, they've now become much larger-scale attacks as the criminal community has become aware of the hack.

"They are taking this to the next level in being able to attack a large number of machines at once," said Nicholas Billett, Diebold Nixdorf's senior director of core software and ATM Security. "They know they will be caught fairly quickly, so they stage it in such a way that they can get cash from as many ATMs as they can before they get shut down."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

ATMs in Armenia, Belarus, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, the Netherlands, Poland, Romania, Russia, Spain, Britain and Malaysia have all been targeted using these "smash and grab" attacks and although banks are now wising up to the cyber attack, they are likely to continue until the software can be intercepted.

"We have been working actively with customers, including those who have been impacted, as well as developing proactive security solutions and strategies to help prevent and minimize the impact of these attacks," Owen Wild, NCR's global marketing director for enterprise fraud and security said.

The extent of the attacks can be seen in Group IB's research. It revealed $2.5 million was stolen from Taiwan's First Bank and $350,000 was taken from Thailand's Government Savings Bank in July.

Advertisement

Recommended

Visit/security/cyber-security/355185/165-million-britons-experienced-a-cyber-crime-in-the-past-year
cyber security

Report: 16.5 million Britons fell victim to cyber crime in the past year

1 Apr 2020
Visit/cloud/amazon-web-services-aws/355183/aws-launches-amazon-detective
Amazon Web Services (AWS)

AWS launches Amazon Detective for investigating security incidents

1 Apr 2020
Visit/security/privacy/355182/government-to-launch-coronavirus-contact-tracking-app
privacy

UK government to launch coronavirus 'contact tracking' app

1 Apr 2020
Visit/software/video-conferencing/355180/zoom-does-not-use-end-to-end-encrypted
video conferencing

Zoom admits meetings don't use end-to-end encryption

1 Apr 2020

Most Popular

Visit/security/cyber-security/355200/spacex-bans-the-use-of-zoom
cyber security

Elon Musk's SpaceX bans Zoom over security fears

2 Apr 2020
Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/security/cyber-crime/355171/fbi-warns-of-zoom-bombing-hackers-amidst-coronavirus-usage-spike
cyber crime

FBI warns of ‘Zoom-bombing’ hackers amid coronavirus usage spike

31 Mar 2020