 "ATM makers Diebold Nixdorf, NCR warn of 'jackpotting' hacks on US machines")
Diebold Nixdorf Inc and NCR Corp, two of the world's largest ATM makers, have warned that cyber criminals are targeting US cash machines with tools that force them to spit out cash in hacking schemes known as "jackpotting."
The two ATM makers did not identify any victims or say how much money had been lost. Jackpotting has been rising worldwide in recent years, though it is unclear how much cash has been stolen because victims and police often do not disclose details.
The attacks were reported earlier on Saturday by the security news website Krebs on Security, which said they had begun last year in Mexico.
The companies confirmed to Reuters on Saturday they had sent out the alerts to clients.
NCR said in a Friday alert that the cases were the first confirmed "jackpotting" losses in the United States. It said its equipment had not been targeted in the recent attacks, but that it was still a concern for the entire ATM industry.
"This should be treated by all ATM deployers as a call to action to take appropriate steps to protect their ATMs against these forms of attack," the alert said.
Diebold Nixdorf said in a separate Friday alert that U.S. authorities had warned the company that hackers were targeting one of its ATM models, known as Opteva, which went out of production several years ago.
A confidential U.S. Secret Service alert sent to banks said the hackers targeted stand-alone ATMs typically located in pharmacies, big box retailers and drive-thru ATMs, Krebs on Security reported.
Diebold Nixdorf's alert described steps that criminals had used to compromise ATMs. They include gaining physical access, replacing the hard drive and using an industrial endoscope to depress an internal button required to reset the device.
Reuters was unable to obtain a copy of the Secret Service report and an agency representative declined comment. Officials with the Federal Bureau of Investigation could not immediately be reached.
Russian cyber security firm Group IB has reported that cyber criminals remotely attacked cash machines in more than a dozen countries across Europe in 2016. Similar attacks were also reported that year in Thailand and Taiwan.
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app