Euro Bank Robbers Blow Up 492 ATMs

Written by

Some 492 ATMs across Europe were blown up by thieves in the first half of 2016, as criminals looked to supplement their attempts at infiltrating machines via cyber-attacks.

The non-profit European ATM Security Team (EAST) claimed physical attacks soared 80% from the 273 reported in the same period in 2015, costing over €16,000 (£14,450) each, not including damage to equipment and buildings.

Total physical attacks jumped 30% from the first half of 2015 to reach 1,604 incidents in the first six months of the year, with losses rising 3% to hit €27m (£24m).

The news comes as cybercriminals increasingly target ATMs with virtual or ‘logical’ attacks.

Some 28 incidents were reported in the first half of 2016, up from just five the same period last year, at a total loss of €400,000 (£361,000).

These “cash out” or “jackpotting” attacks typically involve malware which takes control of the ATM’s cash dispensing function to fill the pockets of the cybercriminals.

ATM-related fraud jumped 28% to over 10,000 incidents in 1H 2016, thanks to a staggering 281% increase in Transaction Reversal Fraud, where thieves either physically interfere with the machine or attempt to corrupt transaction messages to siphon off cash funds.

ATM fraud alone cost European lenders €174m (£157m) in the first half of 2016, up from €156m (£141m) a year ago.

There’s also been a rise in skimming internationally, from losses of €131m (£118m) to €142m (£128m) over the period.

The news shows criminal gangs increasingly using diverse tactics, and blending physical and online methods, to steal from banks.

A report from Kaspersky Lab back in April claimed that almost all ATMs across the globe can be illegally accessed and raided without even the need to install malware – because they’re running outdated technology.

That said, malware is also being used to devastating effect by some groups.

The ‘Ripper’ family was recently pegged for helping a gang steal 12 million baht (£265,400) from ATMs in Thailand.

What’s hot on Infosecurity Magazine?