Security News

The UK Post Office has awarded two contracts worth a total of £30m for a banking network and ATMs system in a procurement expected to be worth £357m once all contracts are awarded. UK government-owned company which runs the familiar local outlets has awarded Cennox a £26m contract for banking automation managed services while Vocalink has won a £4m contract for provision of a highly resilient, compliant and secure platform providing ATMs. The Post Office said last year it planned to close almost a third of its 2,000 cash machines, which are free to use and valuable to the public where alternative facilities are scarce.

The PCI Security Standards Council and the ATM Industry Association issued a joint bulletin to highlight an increasing threat that requires urgent awareness and attention. An ATM cash-out attack is an elaborate and choreographed attack in which criminals breach a bank or payment card processor and manipulate fraud detection controls as well as alter customer accounts so there are no limits to withdraw money from numerous ATMs in a short period of time.

This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agency, the Department of the Treasury, the Federal Bureau of Investigation and U.S. Cyber Command. Working with U.S. government partners, CISA, Treasury, FBI, and USCYBERCOM identified malware and indicators of compromise used by the North Korean government in an automated teller machine cash-out scheme­ - referred to by the U.S. Government as "FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks."

The CERT Coordination Center at Carnegie Mellon University has published alerts on several vulnerabilities that impact Diebold Nixdorf ProCash and NCR SelfServ automated teller machines. A vulnerability in the Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30, CERT/CC reveals, could be abused by an attacker with physical access to internal machine components to commit deposit forgery.

ATM manufacturers Diebold Nixdorf and NCR have fixed a number of software vulnerabilities that allowed attackers to execute arbitrary code with or without SYSTEM privileges, and to make illegal cash withdrawals by committing deposit forgery and issueing valid commands to dispense currency. "Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt, authenticate, or verify the integrity of messages between the cash and check deposit module and the host computer. An attacker with physical access to internal ATM components can intercept and modify messages, such as the amount and value of currency being deposited, and send modified messages to the host computer," the CERT Coordination Center at Carnegie Mellon University explained the root of CVE-2020-9062.

Cybercriminals are using software from leading ATM manufacturer Diebold in a series of hacks against cash terminals across Europe, forcing the machines to dispense cash to crooks. So called Jackpotting attacks are those in which cybercriminals find a way to hack into an ATM machine to trigger the machine to release cash, much like a slot machine at a casino-hence the name.

Driver vulnerabilities can facilitate attacks on ATMs, point-of-sale systems and other devices, firmware security company Eclypsium warned on Monday. The firm now warns that the Windows drivers used in ATMs and PoS devices can be highly useful to threat actors targeting these types of systems.

TMD Security announced the launch of a global program with consulting firm Deloitte to help banks and ATM deployers understand the annual operational cost savings and benefits from replacing physical keys and manual processes with a key-less ATM and Branch Access Management solution. "Reducing ATM operational costs has never been more critical than it is today," said Cees Heuker of Hoek, CEO and Founder, TMD Security.

A group of Romanians operating an ATM company in Mexico and suspected of bribing technicians to install sophisticated Bluetooth-based skimmers in cash machines throughout several top Mexican tourist destinations have enjoyed legal protection from a top anti-corruption official in the Mexican attorney general's office, according to a new complaint filed with the government's internal affairs division. As detailed this week by the Mexican daily Reforma, several Mexican federal, state and municipal officers filed a complaint saying the attorney general office responsible for combating corruption had initiated formal proceedings against them for investigating Romanians living in Mexico who are thought to be part of the ATM skimming operation.

French prosecutors said on Friday that police had broken up an international network aimed at the so-called "Jackpotting" of ATMs that makes the machines eject all the cash they have inside. Jackpotting has become a known criminal scourge across the world in recent years.