The Federal Bureau of Investigation (FBI) is alerting banks about a potential attack against cash machines around the world in the next few days. The hackers are planning to conduct a global fraud scheme known as “ATM cash-out.”
The attackers compromise a bank or a payment processor and by using cloned cards withdraw a large sum of money from cash machine globally in a few hours.
“The FBI has obtained unspecified reporting indicating cybercriminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach, commonly referred to as an ‘unlimited operation,’” said in the FBI warning according to Krebs on Security.
The unlimited operation begins with compromising of a payment card processor with malware and gaining access to the customer’s card information.
After gaining access, the attackers will disable fraud prevention controls features of ATM such as withdrawal limits and transaction limits which will allow them to withdraw a large sum of money quickly.
“The cybercriminals typically create fraudulent copies of legitimate cards by sending stolen card data to co-conspirators who imprint the data on reusable magnetic strip cards, such as gift cards purchased at retail stores, At a pre-determined time, the co-conspirators withdraw account funds from ATMs using these cards.” the FBI warned.
Usually, all the ATM cashout attacks are launched on weekends just after the banks closed for business on Saturday.
The FBI has advised the financial institution to review their security measures and implement stronger security measures such as stronger password, enabling multi-factor authentication to prevent the attack.
You may be interested in reading: Researchers Discovered Critical Flaws in Leading mPOS Devices