Friday, March 29, 2024

ATM Jackpotting – Cutlet Maker Malware Spike Around the World to Spit the Cash From ATM

Researchers discovered a new track of ATM jackpotting attack through infamous ATM malware called “Cutlet Maker” which is now rapidly growing up around the world.

Cutlet Maker malware specially designed to spit the cash from an ATM machine without using a debit card and the malware initially attack ATM ‘s in Germany in 2017. In which attackers stole millions of dollars from various ATM centers.

The attack referred to as ATM jackpotting where attacker uses malware like Cutlet Maker or piece of hardware to trick the ATM by taking advantage of vulnerability or misconfiguration to ejecting the cash from an ATM.

GBHackers previously reported that the ATM malware like Cutlet Maker being advertising in the underground hacking forum to compromise the ATM machine by exploiting the vulnerabilities that reside in the ATM controller.

The price of the malware kit was 5000 USD at the time of research. It includes details such as the required equipment, targeted ATMs models, as well as tips and tricks for the malware’s operation. And part of a detailed manual for the toolkit was also provided.

 We reported several ATM malware attacks in the last two years including KoffieMaker that used by cybercriminals to steal money from ATM by connecting a laptop with the ATM machine cash dispenser, ATMJackpot that steal the data related to the cash dispenser, PIN pad, and card reader information.

Since then the first Cutlet Maker ATM malware attack spotted, now hackers continuously targeting other countries including U.S., Latin America, and Southeast Asia and it target the specific bank and ATM manufacturers. 

In another case, “Officials in Berlin said they had faced at least 36 jackpotting cases since spring 2018 and authorities have recorded 82 jackpotting attacks in Germany across different states in the past several years, resulting in several thousand Euro being stolen. They declined to name the specific malware used.”

According to Motherboard report  “It’s important to remember ATM jackpotting is not limited to a single bank or ATM manufacturer, though. It is likely the other attacks impacted banks other than Santander; those are simply the attacks our investigation identified.”

ATM jackpotting attack is familiar for very old, slow machines and the machine that didn’t get the proper security updates are the sources familiar with ATM attacks.

According to European Payment Terminal Crime Report for first half of 2019 “ATM malware and logical attacks against ATMs were down 43% (from 61 to 35) and all bar one of the reported ‘jackpotting’ attacks are believed to have been unsuccessful in Europe. Malware was used for 3 of the attack attempts and the remainder were ‘black box’ attacks.”

But other sources familiar with ATM attacks said jackpotting attacks are increasing in worldwide in this year.

In order to execute a jackpotting attack, hackers need to access to the internal components of the ATM. So, preventing that first physical attack on the ATM goes a long way toward preventing the jackpotting attack.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates

Website

Latest articles

Beware Of Weaponized Air Force invitation PDF Targeting Indian Defense And Energy Sectors

EclecticIQ cybersecurity researchers have uncovered a cyberespionage operation dubbed "Operation FlightNight" targeting Indian government...

WarzoneRAT Returns Post FBI Seizure: Utilizing LNK & HTA File

The notorious WarzoneRAT malware has made a comeback, despite the FBI's recent efforts to...

Google Revealed Kernel Address Sanitizer To Harden Android Firmware And Beyond

Android devices are popular among hackers due to the platform’s extensive acceptance and open-source...

Compromised SaaS Supply Chain Apps: 97% of Organizations at Risk of Cyber Attacks

Businesses increasingly rely on Software as a Service (SaaS) applications to drive efficiency, innovation,...

IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey

A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed...

How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger

Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse...

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles