Oct 29, 2004
In a first, US hit by “Jackpotting” attacks that empty ATMs in minutes | Ars Technica

For the first time on record, ATMs located in the US are falling prey to jackpotting, an attack in which malicious hardware or software forces the machines to dispense huge amounts of cash to waiting thieves, KrebsOnSecurity reported over the weekend.

Jackpotting has been documented in other countries, but until recently it had never been reported in the US. Citing an unnamed person close to the matter and a confidential alert, reporter Brian Krebs reported on Saturday that the US Secret Service has received credible reports of front-loading ATMs made by Diebold Nixdorf being targeted by so-called cash-out crews. The thieves are carrying out the heists by first getting physical access to the machines and infecting them with malware known as "Ploutus.D."

"The targeted stand-alone ATMs are routinely located in pharmacies, big box retailers, and drive-thru ATMs," stated the confidential Secret Service alert sent to financial institutions and obtained by KrebsOnSecurity. "During previous attacks, fraudsters dressed as ATM technicians attached a laptop computer with a mirror image of the ATM's operating system, along with a mobile device, to the targeted ATM."