Cybersecurity experts found a new trace of an ATM Jackpotting Attack via infamous ATM malware named Cutlet Maker. The researchers opined that the usage of this malware by attackers is now rapidly growing across the globe.
Cutlet Maker malware was designed in 2017 to spit the cash from ATMs in Germany. In ATM jackpotting, attackers use malware like Cutlet Maker to trick the ATM, by exploiting its vulnerability, to eject the cash.
A joint investigation by Motherboard and the German broadcaster Bayerischer Rundfunk revealed some new details about a series of Jackpotting Attacks. The malware was used to attack multiple ATMs in Germany to steal around US$ 1.5 million during 2017. It’s said that a total of 10 different jackpotting incidents had taken place between February and November 2017, involving Cutlet Maker malware.
According to the investigation findings, the attacked regions include the U.S., Latin America, and Southeast Asia. The Spanish Commercial Bank Santander is one of the highly impacted banks in the 2017 attacks, as it used outdated Windows systems.
“Protecting our customers’ information and the integrity of our physical network is at the core of what we do. Our experts are involved in every stage of product development and operations to protect customers and the bank from fraud and cyber-threats. This focus on protecting our data and operations prevents us from commenting on specific security issues,” a Santander spokesperson said in a statement.
In January 2018, National Cash Register (NCR) Corporation and Diebold Nixdorf, two leading financial self-service providers in the United States, issued warnings against Jackpotting Attacks that make ATMs gush out cash incessantly. The self-service kiosk makers accepted to have informed their clients about the vulnerability. Although there is no available data on the losses due to these incidents, the ATM manufacturers have admitted to the rising cases of jackpotting across the world.
These ATM cyberattacks took off in 2015 in Asia, Europe and Mexico, however, now their new target is the U.S, raising concerns for the U.S. Secret Service, which has advised financial institutions to be cautious. “This should be treated by all ATM deployers as a call to action to take appropriate steps to protect their ATMs against these forms of attack,” NCR cautioned.