Thursday, October 10, 2024
HomeComputer SecurityATM Jackpotting - Cutlet Maker Malware Spike Around the World to Spit...

ATM Jackpotting – Cutlet Maker Malware Spike Around the World to Spit the Cash From ATM

Published on

Researchers discovered a new track of ATM jackpotting attack through infamous ATM malware called “Cutlet Maker” which is now rapidly growing up around the world.

Cutlet Maker malware specially designed to spit the cash from an ATM machine without using a debit card and the malware initially attack ATM ‘s in Germany in 2017. In which attackers stole millions of dollars from various ATM centers.

The attack referred to as ATM jackpotting where attacker uses malware like Cutlet Maker or piece of hardware to trick the ATM by taking advantage of vulnerability or misconfiguration to ejecting the cash from an ATM.

- Advertisement - EHA

GBHackers previously reported that the ATM malware like Cutlet Maker being advertising in the underground hacking forum to compromise the ATM machine by exploiting the vulnerabilities that reside in the ATM controller.

The price of the malware kit was 5000 USD at the time of research. It includes details such as the required equipment, targeted ATMs models, as well as tips and tricks for the malware’s operation. And part of a detailed manual for the toolkit was also provided.

 We reported several ATM malware attacks in the last two years including KoffieMaker that used by cybercriminals to steal money from ATM by connecting a laptop with the ATM machine cash dispenser, ATMJackpot that steal the data related to the cash dispenser, PIN pad, and card reader information.

Since then the first Cutlet Maker ATM malware attack spotted, now hackers continuously targeting other countries including U.S., Latin America, and Southeast Asia and it target the specific bank and ATM manufacturers. 

In another case, “Officials in Berlin said they had faced at least 36 jackpotting cases since spring 2018 and authorities have recorded 82 jackpotting attacks in Germany across different states in the past several years, resulting in several thousand Euro being stolen. They declined to name the specific malware used.”

According to Motherboard report  “It’s important to remember ATM jackpotting is not limited to a single bank or ATM manufacturer, though. It is likely the other attacks impacted banks other than Santander; those are simply the attacks our investigation identified.”

ATM jackpotting attack is familiar for very old, slow machines and the machine that didn’t get the proper security updates are the sources familiar with ATM attacks.

According to European Payment Terminal Crime Report for first half of 2019 “ATM malware and logical attacks against ATMs were down 43% (from 61 to 35) and all bar one of the reported ‘jackpotting’ attacks are believed to have been unsuccessful in Europe. Malware was used for 3 of the attack attempts and the remainder were ‘black box’ attacks.”

But other sources familiar with ATM attacks said jackpotting attacks are increasing in worldwide in this year.

In order to execute a jackpotting attack, hackers need to access to the internal components of the ATM. So, preventing that first physical attack on the ATM goes a long way toward preventing the jackpotting attack.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks

A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being...

SpyCloud Embeds Identity Analytics in Cybercrime Investigations Solution to Accelerate Insider and Supply Chain Risk Analysis & Threat Actor Attribution

IDLink, SpyCloud’s new automated digital identity correlation capability, is now core to its industry-leading...

Abusix and Red Sift Form New Partnership, Leveraging Automation to Mitigate Cyber Attacks

The agreement has marked over 600,000 fraudulent domains for takedown in just two months...

Hackers Exploiting Zero-day Flaw in Qualcomm Chips to Attack Android Users

Hackers exploit a zero-day vulnerability found in Qualcomm chipsets, potentially affecting millions worldwide.The flaw,...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Hackers Exploiting Zero-day Flaw in Qualcomm Chips to Attack Android Users

Hackers exploit a zero-day vulnerability found in Qualcomm chipsets, potentially affecting millions worldwide.The flaw,...

Foxit PDF Reader Vulnerability Let Attackers Execute Arbitary Code

Researchers recently disclosed six new security vulnerabilities across various software, as one critical vulnerability...

Wireshark 4.4.1 Released, What’s new!

Wireshark, the world’s leading network protocol analyzer, has just released version 4.4.1, bringing a...