Press
8/5/2020

V. Palečka on hacker attacks on ATMs

The number of ATM attacks in Europe is growing, with criminals stealing 249 million euros last year. Nowadays, instead of brute force hacker uses tricks.

ATMs are being attacked by hackers in Europe, the bank in the Czech Republic has turned off almost a hundred ATMs, and we have recorded the first case in the Bratislava region. According to a report by the European Association for Secure Transactions, the number of attacks on terminals increased by 35 percent year on year. A new practice in ATM attacks is the so-called jackpotting, where attackers, thanks to physical access to the ATM and the use of malicious software, can steal banknotes without using brute force. “The attacker connects a USB key with malicious code to the ATM or connects through the keyboard, then by hacking forces the ATM to issue cash,” said Vladimír Palečka, cybersecurity expert at Aliter Technologies.

It is no longer interesting for criminals to use brute force, explosives or ripping out ATMs by SUVs in robberies. “Today, more than ever, criminals are teaming up with hackers to find out how to steal money more effectively. There are specific instructions on darkweb, while Eastern European hackers are a leader in creating malicious software for ATMs,” adds Vladimír Palečka. Diebold Nixdorf, one of the largest ATM manufacturers, also responded to the attacks, issuing a warning to banks across the continent.

In addition to banks, people should also be cautious. “Hackers are inventive and try many tricks, we have recorded cases where they created fake internet banking websites and asked people to reset their passwords via e-mail. After trying to log in, the hackers obtained data and robbed the victim’s account,” added Vladimír Palečka. According to an expert, two-factor authentication can protect people from such attacks, for example via an SMS message. People should also not wear a written PIN code in their wallet along with ATM cards, so that in the event of loss or theft, the thief does not have an open path to the account.

SOURCE: Press