Crooks have acquired proprietary Diebold software to “jackpot” ATMs

by
Dan Goodin
from Ars Technica - All content on (#55YNW)
diebold-atm-800x600.jpg

Enlarge (credit: Shannon Prickett / Flickr)

Diebold Nixdorf, which made $3.3 billion from ATM sales and service last year, is warning stores, banks, and other customers of a new hardware-based form of jackpotting," the industry term for attacks that thieves use to quickly empty ATMs.

The new variation uses a device that runs parts of the company's proprietary software stack. Attackers then connect the device to the ATM internals and issue commands. Successful attacks can result in a stream of cash, sometimes dispensed as fast as 40 bills every 23 seconds. The devices are attached either by gaining access to a key that unlocks the ATM chassis or by drilling holes or otherwise breaking the physical locks to gain access to the machine internals.

In previous jackpotting attacks, the attached devices, known in the industry as black boxes, usually invoked programming interfaces contained in the ATM operating system to funnel commands that ultimately reached the hardware component that dispenses cash. More recently, Diebold Nixdorf has observed a spate of black box attacks that incorporated parts of the company's proprietary software.

Read 8 remaining paragraphs | Comments

index?i=YnU7NVx_EPw:VAioWw0ECWg:V_sGLiPB index?i=YnU7NVx_EPw:VAioWw0ECWg:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments