Jackpotting Attackers Are Back In Action, Belgium’s Argenta Bank Targeted

Jackpotting attack, also known as a logical attack, can turn any ATM machine into a cash spewing machine. This sophisticated crime requires specific knowledge and technical skills to decipher the workings of an ATM machine. The most recent attacks were seen in Belgium, where hackers were targeting ATMs to spit out money.

Jackpotting attackers target Belgium

Some hackers recently attempted jackpotting attacks on a Belgian financial institution, making it the first-ever known jackpotting attack in the country.
  • Belgium’s Argenta bank was targeted by a jackpotting attack, after which it had to close down 143 of its cash machines.
  • Cybercriminals attempted to target machines in the Roeslare city and the Ingelmunster city on two consecutive days.
  • Attackers mainly targeted the ATM machines manufactured by Diebold Nixdorf, forcing the ATM machines to spew out all of its cash for the attackers.

Recent Jackpotting attacks

In the past few years, attackers have been using malware or other various tricks to carry out Jackpotting attacks on ATM machines.
  • In July 2019, it was disclosed that the hacker group dubbed ‘Silence’ had targeted the Dutch Bangla Bank Limited in Bangladesh via jackpotting attacks and allegedly stole $3 million.
  • In February 2019, an ATM malware dubbed WinPot was discovered, which was designed to target the ATM machines of an unnamed vendor, and which even provided visual indicators of the targeted ATM's cassettes.

ATM attack trends

ATM jackpotting has been a slow but steady attack method used by the attackers. A report by the European Association for Secure Transactions (EAST) highlights some interesting trends related to this attack method:
  • In the first half of 2019, the attempts of jackpotting attacks across European banks failed miserably, with criminal gangs making less than €1,000 from only one single successful robbery.
  • ATM malware and logical attacks against ATMs were down 43% (from 61 to 35) in this duration, mainly because these attacks require expensive tools, and take a long time time to execute.