Jackpotting Scheme Threatens US ATMs

An ATM jackpotting scheme previously observed in numerous countries is reportedly now threatening terminals within the US. According to security alerts issued by Diebold Nixdorf, threat actors are targeting Front-load Advanced Function Dispenser (AFD)-based Opteva terminals in a scheme designed to steal large amounts of cash from vulnerable ATMs. During past attacks in Mexico, criminals infected terminals using the Ploutus.D ATM malware by installing it directly on the ATM’s internal computer or by replacing the device’s hard disk drive (HDD) with a malware-infected one. The NJCCIC recommends users and administrators of ATM terminals review Diebold Nixdorf’s October 2017 and January 2018 reports and implement the recommended security mechanisms as soon as possible. We also encourage users to report any suspicious ATM activity to law enforcement immediately.

AlertNJCCICATM, Jackpotting