Diebold Nixdorf ATMs targeted by jackpotting attacks

According to a new report from ATM manufacturer Diebold Nixdorf, there is a campaign of jackpotting focused on European ATMs. Jackpotting is an attack where criminals force an ATM to dispense money illegitimately, usually by manipulating the software in the machine. In this case, Diebold Nixdorf states the following about the jackpotting attacks its ATMs are facing:

In the recent incidents, attackers are focusing on outdoor systems and are destroying parts of the fascia in order to gain physical access to the head compartment. Next, the USB cable between the CMD-V4 dispenser and the special electronics, or the cable between special electronics and the ATM PC,was unplugged.

This cable is connected to the black box of the attacker in order to send illegitimate dispense commands. Some incidents indicate that the black box contains individual parts of the software stack of the attacked ATM. The investigation into how these parts were obtained by the fraudster is ongoing. One possibility could be via an offline attack against an unencrypted hard disc.

Diebold Nixdorf's security alert gives recommendations on how to counteract the jackpotting attacks. The first line of defense is making sure that the software stack is as secure as possible. This means implementing the software stack with the most recent security functionality, utilizing hard disk encryption to stop tampering, and introducing IDS (Intrusion Detection Systems) to recognize unauthorized access. Diebold Nixdorf also recommends that physical access be restricted. This means securing any areas used by service personnel, and additionally, utilizing multifactor authentication for any access control protocols used by technicians.

Diebold Nixdorf says the hackers have not stolen personal data such as card numbers in this jackpotting campaign. Customers of the company are encouraged to get into contact with their local Diebold Nixdorf security expert to answer any more questions.

Featured image: Diebold Nixdorf

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Published by
Derek Kortepeter

Recent Posts

See the light: How to avoid webcam hacking

With so many employees video conferencing from home, the webcam may be a portal to…

3 days ago

Using Intel VTune Profiler performance analyzer on Hyper-V VMs

The Intel VTune Profiler performance analyzer can do more than monitor a system’s CPU utilization.…

3 days ago

The evolution of backup: Interview with Altaro’s Simon Attard

Backup is not the glitziest part of an IT pro’s job, but it may be…

4 days ago

U.S. Department of Veterans Affairs experiences data breach

A successful cyberattack initiated by a social engineering campaign has caused a data breach at…

4 days ago

How to turn off or restart Windows 10 updates: Step-by-step guide

In this article, we'll show you how to turn off or restart updates in Windows…

4 days ago

Five native Windows Admin Center extensions you need to know about

Windows Admin Center is becoming the tool of choice for managing Windows Server deployments. Here…

5 days ago