‘Black box’ attacks on the rise in Europe

A new study reveals that the use of 'black box' physical malware attacks is on the rise at European ATMs

The risks posed to ATMs by physical hacks that instruct the devices to dispense cash is growing in Europe, according to a recent report from the European Association for Secure Transactions (EAST).

According to the study, ‘black box’ attacks, which involve connecting an unauthorized device to the terminal that can be used to hijack the ATM and send commands to ‘cash out’ the device, increased by more than 300 percent in the first half of the year.

Some 114 incidents were recorded across the 11 countries covered by the study, up from just 28 for the same period in 2016 and five in the first half of 2015. EAST executive director Lachlan Gunn said:”This sees the continuation of a trend that we first reported in April of this year when we published full year statistics for 2016.”

Losses as a result of this type of attack increased by 268 percent, the report noted, up from €0.41 million in 2016 to €1.51 million.

This type of attack may be gaining popularity because they are becoming relatively easy to carry out, with toolsets and step-by-step instructions for using them readily available on the dark web. For instance, Kaspersky Lab recently reported on one such kit – called Cutlet Maker – on sale online for just £3,788.

Konstantin Zykov, security researcher at Kaspersky Lab, stated: “While operating, Cutlet Maker interacts with the ATM’s software and hardware, encountering almost no security obstacles at all. This should be changed in order to harden ATM machines.”

However, there was some good news for ATM operators in EAST’s report, as the number of skimming attack saw another decline.

There were 1,221 such incidents recorded in Europe in the first six months of 2017, a 22 percent drop from the 1,573 reported for the same period in 2016. This marks the lowest number of skimming incidents reported since EAST first began gathering data in 2004.

Written by Jack Dougal

Our privacy policy has been updated. Click here to see the updates.