The New Breed of ATM Hackers

Over the past few years, scammers have increasingly siphoned cash off of digital payment networks, stealing hundreds of millions of dollars so far. Not only is the problem hard to contain; new findings show that it’s evolving and maturing, with new types of ATM malware on the rise.

Researchers at the Kaspersky Security Analyst Summit in Singapore are presenting findings on Wednesday about a new wave of payment system scams. Beyond so-called jackpotting attacks, which cause individual ATMs to spit out money, hackers are manipulating ATM networks and the digital authentication checks in the machines to cash out fraudulent transfers they initiate around the globe.

Hackers have hit a variety of financial platforms—including Mexico’s domestic money transfer system SPEI—in payment systems frauds in recent years. But the majority of the scams target the international payment network SWIFT, which transfers trillions of dollars per day. Numerous notorious digital bank heists, like a whopping $81 million stolen in Bangladesh in 2016 and $10 million stolen in Chile last year, have shown how vulnerable digital payment networks can be.

But attackers are now using the same types of transaction manipulations in unexpected places, like ATM networks, to get around new defenses while still using the same types of strategies that have already raked in a steady stream of cash.

arketyp.

Over the past few years, scammers have increasingly siphoned cash off of digital payment networks, stealing hundreds of millions of dollars so far. Not only is the problem hard to contain; new findings show that it’s evolving and maturing, with new types of ATM malware on the rise.