The Federal Bureau of Investigation (FBI) has issued a worldwide warning to banks about a possible ATM scam that could hit them very soon and lead to a loss of millions of dollars. Although many financial institutions have beefed up their security measures, reports show that multiple ATMs have been vulnerable to a series of such attacks.
“The FBI has obtained unspecified reporting indicating cybercriminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach commonly referred to as an ‘unlimited operation,’” The Next Web quotes an FBI statement.
The hackers will possibly install malware on the servers of payment processors and financial institutions that would give them admin-level access to all of the data. Once this has been done, they will be able to disable fraud protection measures and increase the withdrawal limit on ATM transactions, which would allow them to collect millions of dollars with little effort.
The FBI believes that the hackers will be using debit and credit card numbers found on the dark web. They will then send the data to their co-conspirators, who will make fraudulent copies of the cards by imprinting the data on magnetic stripe cards. ATM attacks of this kind tend to occur on weekends, when the financial institutions are closed.
A similar kind of hacking attempt was made on National Bank of Blacksburg on two separate occasions. The criminals succeeded in cashing out US$2.4 million from more than a hundred ATMs across the U.S. Meanwhile, financial institutions have taken note of the warning and have reportedly taken additional precautions.
“It is quite common in the financial industry to get alerts like these, and whenever we do, we automatically trigger to our fail-safe position, where we increase our monitoring and heighten our alert system to make sure that we are covered. We have all of the IT team, and most of the fraud team, all hands on deck over the weekend, to be able to catch those unusual events quickly and promptly,” ABC 7 News quotes RS Mukherjee, Chief Information Officer at Technology Credit Union.
Just a day after the warning was issued, Cosmos Cooperative Bank saw ATM attacks on its branches located across Hong Kong, India, and Canada. In just three days, the hackers had managed to transfer millions of dollars.
“On August 11, the hackers cloned the card details and did over 12,000 transactions and transferred Rs 78 crore [US$10 million] out of India. On the second instance, total 2,849 transactions were done in which Rs 2.5 crore [US$320,000] was transferred within India,” DNA India quotes from a First Information Report.
The FBI is recommending that banks implement stronger two-factor authentication and password requirements to protect the money. It also advises separation of duties or dual authentication for withdrawal increases or account balances above a specific threshold.
Institutions should also monitor administrative tools and remote network protocols that are used to pivot back to the network. Business-critical accounts must be audited and limited. All encrypted traffic that travels over non-standard ports should also be closely watched. Financial institutions should be wary of any significant network traffic to areas that usually do not see many outbound connections.
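The dual-authentication recommendation for withdrawal increases can be checked after the fact against an audit trail. The sketch below is an added example, not code from the FBI alert or from any bank: the log format, field names, account and user names, and the 1,000 threshold are all assumptions made for illustration, and the sample rows are constructed.

```python
import csv
import io
from datetime import datetime

# Constructed sample audit log of withdrawal-limit changes (not real data).
SAMPLE_LOG = """timestamp,account,old_limit,new_limit,requested_by,approved_by
2024-01-05T14:02:11,ACCT-0001,500,800,ops_alice,ops_bob
2024-01-06T02:17:45,ACCT-0002,500,250000,svc_admin,svc_admin
2024-01-06T02:18:03,ACCT-0003,500,250000,svc_admin,
2024-01-08T10:30:00,ACCT-0004,500,5000,ops_alice,ops_bob
2024-01-07T23:59:00,ACCT-0005,1000,900,ops_bob,
"""

THRESHOLD = 1000  # assumed policy: increases above this need a second person


def review_limit_changes(log_text, threshold=THRESHOLD):
    """Return (account, reasons) for every change that violates the policy."""
    findings = []
    for row in csv.DictReader(io.StringIO(log_text)):
        old, new = int(row["old_limit"]), int(row["new_limit"])
        if new <= old or new <= threshold:
            continue  # not an increase above the threshold; out of scope
        reasons = []
        requester = row["requested_by"].strip()
        approver = row["approved_by"].strip()
        if not approver:
            reasons.append("no approver recorded")
        elif approver == requester:
            reasons.append("requester approved own change")
        # Monday is 0, so Saturday=5 and Sunday=6: weekend changes get extra scrutiny
        when = datetime.fromisoformat(row["timestamp"])
        if when.weekday() >= 5:
            reasons.append("made on a weekend")
        if reasons:
            findings.append((row["account"], reasons))
    return findings


if __name__ == "__main__":
    for account, reasons in review_limit_changes(SAMPLE_LOG):
        print(account, "->", "; ".join(reasons))
```

A properly approved weekday increase (ACCT-0004) passes, while a self-approved or unapproved increase is reported with each reason listed separately so an analyst can triage it.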