WASHINGTON (Reuters) – A coordinated group of hackers likely tied to international criminal syndicates has pilfered more than $1 million by hijacking ATM machines across the United States and forcing them to spit out bills like slot machines dispensing a jackpot, a senior U.S. Secret Service official said on Monday.
Within the past few days there have been about a half-dozen successful ājackpottingā attacks, the official said.
The heists, which involve hacking ATMs to rapidly shoot out torrents of cash, have been observed across the United States spanning from the Gulf Coast in the southern part of the country to the New England region in the northeast, Matthew OāNeill, a special agent in the criminal investigations division, told Reuters in an interview.
The spate of attacks represented the first widespread jackpotting activity in the United States, OāNeill said. Previous campaigns have been spotted in parts of Europe and Latin America in recent years.
āIt was just a matter of time until it hit our shores,ā OāNeill said.
Diebold Nixdorf Incand NCR Corp, two of the worldās largest ATM makers, warned last week that cyber criminals are targeting ATMs with tools needed to carry out jackpotting schemes.
The Diebold Nixdorf alert described steps that criminals had used to compromise ATMs. They include gaining physical access, replacing the hard drive and using an industrial endoscope to depress an internal button required to reset the device.
A confidential U.S. Secret Service alert seen by Reuters and sent to banks on Friday said machines running XP were more vulnerable and encouraged ATM operators to update to Windows 7 to protect against the attack, which appeared to be targeting ATMs typically located in pharmacies, big box retailers and drive-thrus.
While initial intelligence suggested only ATMs running on outdated Windows XP software were being targeted, the Secret Service has seen successful attacks within the past 48 hours on machines running updated Windows 7, OāNeil said.
āThere isnāt one magic solution to solve the problem,ā he said.
A local electronic crimes task force in the Washington, D.C., metropolitan area first reported an unsuccessful jackpotting attempt last week, OāNeill said.
A few days later another local partner witnessed similar activity and ādeveloped intelligenceā that indicated a sustained, coordinated attack was likely to occur over the next two weeks, OāNeill said. He declined to say where that partner was located.
Jackpotting has been rising worldwide in recent years, though it is unclear how much cash has been stolen because victims and police often do not disclose details.
Reporting by Dustin Volz in Washington, D.C.; Editing by David Gregorio