‘Jackpotting’ ATM Hackers Arrive in the US, Steal Over $1 Million

Hackers presumed to be associated with international crime syndicates have stolen over $1 million from ATMs in the US using a technique called “jackpotting”, a Secret Service official said.

As reported by Reuters, there is an increasing pattern of “jackpotting” heists wherein hackers compromise ATMs to rapidly deliver massive amounts of cash, akin to a slot machine dispensing a jackpot, across the United States. Speaking to the publication Secret Service special agent Matthew O’Neill  from the criminal investigations division said the spate of attacks makes for the first widespread jackpotting activity in the United States.

The compromise was first noticed in parts of Europe and Latin America over the past few years. “It was just a matter of time until it hit our shores,” O‘Neill told Reuters.

A demonstration of jackpotting was first demonstrated publicly by renowned hacker Barnaby Jack at the 2010 Black Hat conference.

The cybercriminals took multiple steps including gaining physical access and replacing the hard drive before using an industrial endoscope to suppress an internal button that resets the device. As things stand, ATM machines running Windows XP are more vulnerable, a confidential US Secret Service alert sent to banks revealed.  Attacks have been spotted across the country, ranging from the Pacific Northwest to the Gulf region to New England. 

The alert suggested banks to update to Windows 7 to better protect the ATMs against the attack. Further, big box retailers, drive-throughs and pharmacies hosting ATMs were specifically targeted more than others.

Despite the recommendation to update to Windows 7, O’Neil revealed that the Secret Service had also witnessed successful attacks against Windows 7-based ATMs in the past 48 hours alone.

“There isn’t one magic solution to solve the problem,” he added.

Image credit: