With just the press of a button, "cash out crews" have been attacking ATMs around the world, and now apparently in the US. Reuters reports that two big ATM makers, Diebold Nixdorf and NCR Corp., have issued warnings about the so-called "jackpotting" scheme, which has made its way to US machines—usually stand-alone units in pharmacies, drive-thrus, or big-box stores, per a US Secret Service alert cited by Krebs on Security—for the very first time. "This is the first instance of jackpotting in the United States," site owner and security guru Brian Krebs tells the Washington Post. "It's safe to assume that these are here to stay at this point." And it's become an increasingly sophisticated money-grabbing maneuver, as he explains on his site.
Per the Secret Service alert, an on-the-street crew decked out to look like ATM technicians uses an endoscope like you'd see at the doctor's office to access an ATM's innards and connect the ATM's computer with their own laptop. The ATM will then seem to be out of service when other potential customers show up to use it, and "co-conspirators" can then send an SMS or use an external keyboard to command the ATM to start spitting out cash "like slot machines" to a "money mule" lying in wait, per the Post. In past hacks, also known as "logical attacks," the ATMs would churn out the bills "at a rate of 40 bills every 23 seconds," per the Secret Service alert, cleaning out the ATM unless the "Cancel" button was pressed. The mule then leaves and the "technicians" come back to disconnect their equipment. "This should be treated by all ATM deployers as a call to action," NCR warns.