WHAT IS ATM MALWARE?
ATM malware is malicious software designed to compromise automated teller machines (ATMs) by exploiting vulnerabilities in the machine’s hardware or software. ATM malware is used to commit a crime known as “jackpotting” in which attackers install malware that forces ATMs to dispense large amounts of cash on command. ATM malware can also be used to steal financial information captured at ATM terminals, such as payment card numbers and PIN codes.
HOW ARE ATMS INFECTED?
The installation of ATM malware typically requires physical access to an ATM via the machine’s USB port or CD-ROM drive. However, some advanced attacks involve compromising the bank’s internal network in order to install malware on ATM machines without physical access.
RECOMMENDATIONS
- Keep device hardware and software updated with the latest version and patches.
- Limit network and physical access to an ATM’s ports.
- Secure the head compartment of the ATM using appropriate locking mechanisms.
- Implement access control for service technicians based on multi-factor authentication.
- Monitor access to ATM machines and report suspicious activity to your local police department as soon as possible.