Jackpotting 143 ATMs to cash out all the money; a bank shuts down all its Diebold ATMs after cyberattack

According to experts in a hacking course, the Antwerp-based Argenta savings bank has decided to close its 143 ATMs after suffering two consecutive cyberattack incidents over the past weekend. This is the third incident that occurred at the bank over the past month.

A first attack occurred in late June after a hacker group took control of ATMs in two provinces of Antwerp using the attack method known as “jackpotting“. It should be remembered that in a jackpotting attack criminals try to compromise the cashier using systems online or via a physical connection, mainly USB. When hackers gain access to the compromised machine, they can extract the stored money until the cashier is completely emptied.

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es jackpottingattack01.jpg

The most recent attacks occurred last Friday and Saturday in the West Flanders region. As the hacking course experts mention, hackers again employed a known hacking technique against bank cashiers, manufactured by Diebold. Experts point out that the compromised models were very old, which would have the work easier for cybercriminals.

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es jackpottingattack02.jpg

In this regard, a representative of Argenta stated: “We note that despite the updates installed on the devices, they remain vulnerable to cyberattacks”. In response to the critical situation, the banking institution decided to close the 143 machines, at least until their safe operation is ensured.  

The incident has already been notified to federal authorities, which have begun a thorough investigation. For the time being, the authorities assume that both attacks were perpetrated by the same hacking group, although the hacking course experts do not rule out other hypotheses.

For security, the bank has not disclosed the exact consequences of the attacks, so it will be difficult to know the full extent of the incident. Although it is a common practice, the manufacturer companies have not yet been able to develop a method of protection against jackpotting, so this attack variant will continue to grow.

For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.