2025 Pub. 16 Issue 2

ATM “Jackpotting” Attacks Have Increased Courtesy of ABA INSURANCE SERVICES ATM attacks have been rampant since 2018 and are showing no signs of letting up. For several years, “hook and chain” attacks were the most common method of ATM theft. To mitigate this type of theft risk, many banks erected physical barriers. More recent incidents, however, involve individuals using generic or master keys to unlock a machine’s exterior chassis or endoscopes to get inside an ATM — no trucks required. Shockingly, these can easily be purchased on the internet. The criminals then tamper with the machine’s hard drives to install malware, ultimately resulting in the disbursement of cash. This is known as “jackpotting.” The U.S. Secret Service has reported an increase in ATM jackpotting over the last six months. The attacks are believed to be the work of organized criminal groups and target multiple ATM manufacturers. With generic or master keys, criminals access an ATM’s chassis and remove and/or install malware using various methods such as a USB port device which then allows them to reboot the onboard PC using the compromised media and issue dispense commands, allowing them to deplete the ATM of cash. These commands can be sent remotely using either a laptop or cell phone, allowing them to avoid engaging directly with the ATM machine. In some cases, magnets are also used in conjunction to unlock an ATM’s exterior. 17 WEST VIRGINIA BANKER

RkJQdWJsaXNoZXIy MTg3NDExNQ==