A cybercriminal group managed to steal all money from at least 35 ATMs operated by some Italian banks using an attack technique known as a “black box”. Local authorities confirmed that the hacker group stole approximately 800 thousand euros in a 7-month campaign identified as #ATMBlackBoxAttack.
Italy’s carabinieri corps identified 12 members of the criminal gang, arresting 6 individuals while 3 other individuals are in Poland under investigation. Local media report that this hacking group has multiple operating centers in various Italian cities, including Modena, Mantua, Vicenza and Parma.
On the attack variant used, cybersecurity specialists mention that this is an attack similar to the jackpotting technique in which ATMs are forpowered to hand over all the money through a series of commands issued by a device known as a black box. These devices must be connected to the attacked ATM in order to complete sending commands.
Black box attacks have become extremely popular among the cybercriminal community in the United States and Europe, so multiple groups of malicious hacking have focused on developing and selling the hardware and software tools needed to complete these attacks.
In addition, ATMs with poorer security measures become especially vulnerable to these attacks, as they are easier to physically manipulate and mostly do not have the right protection mechanisms at the software level.
A few months ago, ATM manufacturer Diebold issued an alert to customers warning all banks of a new variant of black box attacks or ATM jackpotting. The alert was issued after Agenta Bank in Belgium was forced to close 143 ATMs after a jackpotting attack, one of the most serious incidents in this regard.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.