A form of automatic teller machine hacking previously seen in Europe, Asia and Mexico has made its way to the United States, prompting the Secret Service to warn financial institutions to be on the lookout.

The Secret Service memo, obtained and described Saturday by security research Brian Krebs, details the “jackpotting” ATM hacking method that involves hackers physically accessing a machine and infecting it with a form of malware known as Ploutus.D. Once the machine is infected, the hackers can control the operations of the ATM, including the ability for them to make the machine spit out cash, hence the name “jackpotting,” as in winning a jackpot Las Vegas casino-style.

The attacks were confirmed by two major ATM makers, Diebold Nixdorf Inc. and NCR Corp., in a Reuters report, with both companies saying that they had sent out the alerts to clients. NCR said its equipment had not been targeted in the recent attack, but it was still a concern for the entire ATM industry. Diebold Nixdorf said it had been warned that hackers were targeting its Opteva ATM model, which ceased production several years ago.

ATM hacking is not a new concept, but mostly for better-known methods such as skimming, in which a device is physically added to a machine to steal account data, including PIN numbers, from unsuspecting victims.

The ability to hack an ATM and have it spit out money first appeared in 2016 with a Skimmer malware variant discovered by Kaspersky Lab that required the hacker to insert a custom-made command card into an ATM to control it.

The new Ploutus.D jackpotting method allows hackers to access the ATM remotely once it has been infected, enabling them to use mules to collect money from infected machines.

Photo: 76657755@N04/Flickr