ATM jackpotting is a form of criminal activity that exploits vulnerabilities in both physical and software systems of automated banking machines in order to force the machines to dispense cash. This type of attack can occur at any time and is typically carried out quickly to minimize the chances of being caught. Criminals utilize a portable device, such as a laptop or a smartphone, to physically connect to the ATM and use malware to manipulate the cash dispenser to release money.
Deception is often used by attackers to reduce the risk of being caught. They may disguise themselves as service personnel to avoid suspicion while targeting ATMs in isolated locations or those lacking human security guards for an easier theft. Once they have gained access to the machine, criminals can steal the cash reserves stored within without affecting any particular bank account balance.
ATM jackpotting relies on the use of malware, with notable families such as Ploutus and Anunak being commonly employed for such attacks. Ploutus, discovered in 2013, allows criminals to bypass security measures and take control of the ATM to steal money quickly. Anunak, also known as Carbanak malware, enables remote control of the infected ATM to extract large sums of money at will while also collecting sensitive data.
Standalone ATMs outside of bank premises are often targeted due to their lack of strict security measures. Older ATMs with outdated security controls are especially vulnerable, though any ATM can be a potential target for jackpotting attacks. ATM owners are advised to be vigilant and implement appropriate security measures to prevent such incidents.
To prevent ATM jackpotting attacks, banks should implement routine monitoring to detect suspicious activities, regularly update software and security patches, disable auto-start and auto-boot functions, and use electronic surveillance systems for enhanced security. By taking these preventative measures, organizations can increase their chances of detecting and thwarting ATM jackpotting attacks before they occur.