How a key ingredient in Coca-Cola, M&M's is smuggled from war-torn Sudan - Reuters
Worldwide ATM hack could see millions withdrawn from banks in major operation, warns FBI
8:57 CAT | 15 Aug 2018
Cyber criminals are planning a highly-coordinated attack on cash machines around the world that could see millions of dollars withdrawn from customer bank accounts, the FBI has warned.
A confidential alert sent to banks stated that the scheme, known as an “ATM cashout”, could take place in the space of just a few hours, most likely on a weekend after banks have closed. The scheme involves cloned cards, together with a hack on a bank or payment processor in order to facilitate the fraudulent withdrawal of funds by gangs of cyber criminals.
“The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation’,” states an FBI alert to banks that was obtained by cyber security expert Brian Krebs.
“Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities. The FBI expects the ubiquity of this activity to continue or possibly increase in the near future.”
A similar attack reported last month resulted in losses of $2.4 million for the National Bank of Blacksburg, Mr Krebs noted, which involved hundreds of ATMs across the United States over the course of several months.
This kind of attack usually targets data acquired from small- and medium-sized banks because they tend to have less security than large institutions. That was the case in a series of attacks on Virginia’s National Bank of Blacksburg over an eight month period between 2016 and 2017. Hackers stole $2.4 million from ATMs around the country in two separate attacks on the same bank. Despite bulked-up security, the hackers managed to access the bank’s network twice through phishing emails.
The expected attack follows a spate of “jackpotting” attacks in the U.S. earlier this year, in which hackers programmed machines to spit out cash at specified times.
Source: The Independent UK / Fortune
Show comments
Also read
Leave a Reply
Be the First to Comment!
You must be logged in to post a comment.
You must be logged in to post a comment.