ATMs manufactured by the brands NCR, Diebold Nixdorf and GRGBanking are vulnerable to remote hacker attacks, according to an analysis by Positive Technologies, a cybersecurity company. The survey warns that the scam can be carried out in less than 15 minutes due to security breaches resulting from unprotected connection and incorrect firewall configuration.
READ: New scam steals bank details of Brazilians
It is possible to exploit these security flaws remotely or in the presence of the ATM. Positive Technologies indicates that anyone with access to the Internet network provider connected to the device has the power to break into the cash register and capture the data entered. In addition, the vulnerability can also be exploited directly, by unplugging the Ethernet cable from the box and replacing the authentic provider with a malicious one.
ATM has vulnerability that can be exploited by hackers – Photo: Reproduction / Pond5
Want to buy cell phones, TV and other discounted products? Discover Compare dnetc
Remote attacks on ATMs consist of infiltrating the ISP with malware. Once malicious software is installed on the device’s system, criminals can access the settings from anywhere and then modify the data printed on the cashier to take control of the machine.
After gaining access to the network, another more direct way to break into the ATM is by connecting the equipment to the machine’s card reader, in order to steal money or data from user cards, such as passwords, for example. The crime of withdrawing money from the ATM from the invasion (physical or remote) of the system is called jackpotting. Criminals are able to remove large amounts of the machine without causing any damage to the equipment. In some cases, hackers are able to release up to 40 ballots every 23 seconds.
Jackpotting was applied primarily in Asia, Europe and Mexico and recently began to reach banks in the United States. In August, the FBI issued urgent warnings about the threat of attacks on ATMs globally.
Via PTSecurity and Softpedia
What is jackpotting? Find out in the dnetc Forum.
What is ransomware: five tips to protect yourself