What is this warning about?
Diebold Nixdorf, Manufacturer of ATM machines has now warned that a new wave of Black box attacks in the european countries. This is alert has been issued to all the banks and customers as well about a new version of the black box attack also known as jackpotting. The alert has been issued by the company after an incident in Belgium, where Agenta bank was affected by the same attack due to which the bank had to shut down 140+ numbers of its ATMs.

The confirmation of the new wave was mentioned in the security alert released by the company and obtained by ZDnet. As per the report, Diebold Nixdorf is continuing its process of analysing these new attacks. The company has also mentioned about the countermeasures against the attacks and their implementation. Diebold Nixdorf also said that the attackers to perform jackpotting attack [black box attack], still need an external device to connect.

What is black box attack [Jackpotting] ?
Jackpotting is a type of attack where the attacker’s main motive is to dispense cash from the ATM illegitimately. In this type of attack, the attacker just uses the ATM machine for connecting his external device to the network via which ATM performs its task. ATM software is not used in this attack though.

Diebold Nixdorf also mentioned that the machines which were targeted are all Diebold Nixdorf ProCash 2050xe devices. the report also suggests that the attackers who pulled off these attacks on multiple ATM’s would might have got access to an unencrypted hard disc using which they prepared their new variant of attack.

What recommendations did Diebold Nixdorf suggested?

  • Implement protection mechanisms for cash modules.
  • Implement hardening of the software stack.
  • Limit physical access to the ATM.

If you want to know about all the counter measures in depth,
click to read the entire document .

By Siddhant Pathak

Cyber security architect, 7+ years experience in cyber security industry, Tech savy, Nature lover, Bullet 350 rider

Have some thoughts? why not share with us here.