Tuesday, May 20, 2025
HomeComputer SecurityATM Jackpotting - Cutlet Maker Malware Spike Around the World to Spit...

ATM Jackpotting – Cutlet Maker Malware Spike Around the World to Spit the Cash From ATM

Published on

SIEM as a Service

Follow Us on Google News

Researchers discovered a new track of ATM jackpotting attack through infamous ATM malware called “Cutlet Maker” which is now rapidly growing up around the world.

Cutlet Maker malware specially designed to spit the cash from an ATM machine without using a debit card and the malware initially attack ATM ‘s in Germany in 2017. In which attackers stole millions of dollars from various ATM centers.

The attack referred to as ATM jackpotting where attacker uses malware like Cutlet Maker or piece of hardware to trick the ATM by taking advantage of vulnerability or misconfiguration to ejecting the cash from an ATM.

- Advertisement - Google News

GBHackers previously reported that the ATM malware like Cutlet Maker being advertising in the underground hacking forum to compromise the ATM machine by exploiting the vulnerabilities that reside in the ATM controller.

The price of the malware kit was 5000 USD at the time of research. It includes details such as the required equipment, targeted ATMs models, as well as tips and tricks for the malware’s operation. And part of a detailed manual for the toolkit was also provided.

 We reported several ATM malware attacks in the last two years including KoffieMaker that used by cybercriminals to steal money from ATM by connecting a laptop with the ATM machine cash dispenser, ATMJackpot that steal the data related to the cash dispenser, PIN pad, and card reader information.

Since then the first Cutlet Maker ATM malware attack spotted, now hackers continuously targeting other countries including U.S., Latin America, and Southeast Asia and it target the specific bank and ATM manufacturers. 

In another case, “Officials in Berlin said they had faced at least 36 jackpotting cases since spring 2018 and authorities have recorded 82 jackpotting attacks in Germany across different states in the past several years, resulting in several thousand Euro being stolen. They declined to name the specific malware used.”

According to Motherboard report  “It’s important to remember ATM jackpotting is not limited to a single bank or ATM manufacturer, though. It is likely the other attacks impacted banks other than Santander; those are simply the attacks our investigation identified.”

ATM jackpotting attack is familiar for very old, slow machines and the machine that didn’t get the proper security updates are the sources familiar with ATM attacks.

According to European Payment Terminal Crime Report for first half of 2019 “ATM malware and logical attacks against ATMs were down 43% (from 61 to 35) and all bar one of the reported ‘jackpotting’ attacks are believed to have been unsuccessful in Europe. Malware was used for 3 of the attack attempts and the remainder were ‘black box’ attacks.”

But other sources familiar with ATM attacks said jackpotting attacks are increasing in worldwide in this year.

In order to execute a jackpotting attack, hackers need to access to the internal components of the ATM. So, preventing that first physical attack on the ATM goes a long way toward preventing the jackpotting attack.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Accenture Files Leak – New Research Reveals Projects Controlling Billions of User Data

A new research report released today by Progressive International, Expose Accenture, and the Movement...

Kimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RAT

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced...

More_Eggs Malware Uses Job Application Emails to Distribute Malicious Payloads

The More_Eggs malware, operated by the financially motivated Venom Spider group (also known as...

RedisRaider Campaign Targets Linux Servers by Exploiting Misconfigured Redis Instances

Datadog Security Research has uncovered a formidable new cryptojacking campaign dubbed "RedisRaider," specifically targeting...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Accenture Files Leak – New Research Reveals Projects Controlling Billions of User Data

A new research report released today by Progressive International, Expose Accenture, and the Movement...

Kimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RAT

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced...

More_Eggs Malware Uses Job Application Emails to Distribute Malicious Payloads

The More_Eggs malware, operated by the financially motivated Venom Spider group (also known as...