Instead of targeting individual bank customers, hackers are making cash machines across Europe spit out cash while accomplices scoop it up, a practice known as jackpotting.
Previous ATM attacks required physical access to manipulate machines, but the recent wave involves remotely infecting them, which allows hackers to attack many machines at once, Reuters reports. People, however, need to be near the machines to pick up the booty.
Threat intelligence vendor Group-IB’s report on the campaign says at least 14 countries have been hit, including the Netherlands, Poland, Romania, Russia, Spain and Britain. The report attributes the crimes to a group called Cobalt, which has the ability to take over bank networks in as little as 10 minutes.
Such ATM attacks occurred over the summer, too: Thieves stole approximately $2.5 million from ATMs in Taiwan and $350,000 from machines in Thailand.
The Wall Street Journal reported the FBI this month warned U.S. banks to be on alert for such attacks and specifically the Buhtrap software, used by a Russian gang that targets both banking transaction networks and ATM networks. That software, likely developed by “a small corps of elite hackers,” according to the report, is now being used by other groups.
“This type of attack does not require development of expensive advanced software—a significant amount of the tools used are widely available on the deep web,” Group-IB researcher Dmitry Volkov said in a statement.