Recently, Europol published a report on cyber threats. The document entitled "Making Money on Malicious Programs for ATMs" describes physical and network types of attacks on ATMs using malicious software, as well as ways to create this software.
About physical attacks using malware is known since 2009, when it was enough for scammers to access the device and download a malicious program using a USB port or CD-ROM. In some cases, an external keyboard was connected to control the self-winding device. Since then, these kinds of attacks began to develop and were called "jackpotting".
Today such schemes still exist, but the attackers found a new entry point - the network. Since Internet communication is the cheapest, banks also use it as the main communication system with processing centers. Criminals can create a virtual processing center or even crack a real one. In addition, the software itself is also vulnerable. This is due to the fact that a huge number of ATMs operate on operating systems that are no longer updated or will cease to do so in the near future.
The report provides examples of attacks in which criminals used a banking network to steal money, for example, sending phishing emails containing malicious files to bank employees. It is worth noting that some malicious programs have the ability to self-healing, which effectively hides the traces of crime.
Thus, banks need to pay more attention to the protection of their devices and consider all possible security methods for both the software and hardware components and the network infrastructure as a whole.
Full report on the link https://www.europol.europa.eu/publications-documents/cashing-in-atm-malware