From Krebs on Security
The Federal Bureau of Investigation (FBI) is warning banks that cybercriminals are preparing to carry out a highly choreographed, global fraud scheme known as an “ATM cash-out,” in which crooks hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours.Read more: https://krebsonsecurity.com/2018/08/fbi-warns-of-unlimited-atm-cashout-blitz/
“The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation’,” reads a confidential alert the FBI shared with banks privately on Friday.
The FBI said unlimited operations compromise a financial institution or payment card processor with malware to access bank customer card information and exploit network access, enabling large scale theft of funds from ATMs.
“Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities,” the alert continues. “The FBI expects the ubiquity of this activity to continue or possibly increase in the near future.”
Well if you see someone taking a super long time at an ATM filling up a bag of cash you could be witnessing this attack. The complexity and coordination of such an attack is like something out of a movie. It makes me wonder now how much money an ATM keeps inside at full supply. That seems to be the only limit to this "unlimited" attack.
Leave your thoughts in the comments below.
Follow @contentjunkie to stay up to date on more great posts like this one.