Trend Micro (a top cyber security software solutions company) along with Europol’s European Cybercrime Centre (EC3) have recently released a whitepaper explaining how new types of ATM thefts have started to emerge. These are happening particularly because many ATM networks don’t use updated software, thus don’t receive the latest security updates, which makes them extremely vulnerable when faced with digital frauds.
Hackers initiate the attack from the ATM network
Apparently, the new scheme no longer relies on cyber criminals physically standing in front of an ATM and using skimming devices, but attacking the ATM from inside, through their network. One of the easiest ways to infiltrate the ATM network is by sending phishing e-mails to bank employees; once they introduce a malicious code into the e-mail system, they capture valuable information about the employees’ daily tasks and they can also trace vulnerabilities of the ATM network.
The next and final step is to install malware on the ATM server. Mainly, the hackers use a code that generates a secret-key for each session. When a bank customer uses the same key, the code allows the hacker to empty the ATM.