Black boxes, which mimic an ATM’s internal PC, can either be laptops or Raspberry or Arduino hardware that’s fairly easy to build, Oliveira said. Black boxes are one of four jackpotting techniques that Diebold Nixdorf describes here.

In some cases, the attached devices connect directly to the cash dispenser and issue commands for it to spit out cash. The other form of black-box attack plugs into network cables and records cardholder information as it’s relayed back and forth between the ATM and the transaction center that processes the session. The attached device then changes authorized maximum withdrawal amounts or masquerades as the host system to allow the ATM to dispense large sums of money.

The above-linked jackpotting brochure describes two other types of attacks. The first swaps out the legitimate hard drive with one created by the attackers. The other uses phishing attacks against bank employees. Once attackers obtain access inside the network of a financial institution, they issue commands that infect ATMs with malware that can be used to clean out the machines.

Good News and Bad News
The new attack variation described by Diebold is both good and bad news for consumers. On the one hand, there’s no indication thieves are using their recently acquired software stack to steal card data. The bad news is that attackers appear to have their hands on proprietary software that makes attacks more effective. The recent increase in successful jackpotting ultimately results in higher fees, as financial institutions pass on the costs caused by the losses. Diebold has issued a variety of defenses that ATM owners can take to protect against the attacks.

There’s little ATM users can do to prevent jackpotting. Still, it’s important to use only ATMs belonging to major banks and eschew those from mom-and-pop businesses. It’s also a good idea to shield the keyboard while entering PINs and to check bank statements each month in search of any unauthorized transactions.

Sourced through from: