Criminals continue to target ATMs with black boxes to run cash-out attacks and use explosives to get cash out of machines. But during the pandemic, most other types of attacks used to target ATMs, payment terminals and point-of-sale devices sharply declined, a new European study shows.
Older ATMs across Latin America are being struck by a new version of "jackpotting" malware, which can cause the machines to dispense cash. The malware, called Ploutus, can cause ATMs made by Itautec, a Brazilian company, to discharge up to $1,700.
Point-of-sale device manufacturers Verifone and Ingenico have released fixes for flaws in some of their devices after researchers found the vulnerabilities could have enabled attackers to steal payment card data, clone cards or install malware.
Criminals have been seeking innovative new ways to steal cash from ATMs. In the U.S., there has been a surge in physical attacks, while Europe has seen a sharp increase in "black box" attacks designed to make ATMs dispense cash on demand.
Despite the shift to e-commerce during the pandemic, attacks against POS devices persist. For example, Visa's payment fraud disruption team uncovered recent malware attacks on POS devices used by two North American hospitality companies.
A flaw in how contactless cards from Visa - and potentially other issuers - have implemented the EMV protocol can be abused to bypass PIN verification for high-value transactions, ETH Zurich researchers warn. But Visa says the exploits would be "impractical for fraudsters to employ" in real-world attacks.
Diebold Nixdorf and NCR have issued patches for ATM software vulnerabilities that could enable a hacker with physical access to the devices to commit deposit forgery, according to the Carnegie Mellon University CERT Coordination Center.
Dozens of suspects have reportedly been arrested in connection with an ATM cash-out scheme that targeted Santander Bank branches in New Jersey, New York and Connecticut.
Diebold Nixdorf, a major manufacturer of ATMs, has issued an alert about "jackpotting" or "cash-out" attacks that are draining cash from its machines in several European countries. What makes these attacks unusual?
The notorious carder marketplace Joker's Stash is advertising a fresh batch of 400,00 stolen payment cards issued by both South Korea and U.S. banks, warns Group-IB. It says that on average, stolen APAC payment card data sells for five times more than stolen U.S. payment card data.
The RSA cybersecurity conference once again this year gathered tens of thousands of individuals to network and attend keynotes and briefings on topics ranging from election security and genomics to privacy and cybercrime. Here are 20 visual highlights from this year's event.
Who's surprised Chinese military hackers allegedly hacked Equifax? For a foreign power that continues to attempt to amass personal information on its adversaries, targeting a business that gets rich by buying and selling Americans' personal data remains an obvious play.
Facebook scientists have proposed using "radioactive data" watermarks to identify when online images get used to train neural networks. The proposal appears to be aimed at the rise of big data startups, such as Clearview AI, that are scraping publicly available photographs to create facial recognition tools.
A New York man was sentenced to five years in federal prison Tuesday after pleading guilty to helping a criminal gang steal nearly $400,000 from several banks through a physical ATM skimming scheme that continued for two years.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.