Secret Service Warns of Uptick in ATM Jackpotting Attempts
During the previous six months, the US Secret Service reports there has been a marked increase in ATM jackpotting.

Traditional malware, black box and man-in-the-middle attacks on ATMs have been reported in California, Colorado, Georgia, Idaho, Maryland, Minnesota, New York, North and South Carolina, Oregon, Pennsylvania, Tennessee, Texas, Utah and Washington.

These incidents have occurred across multiple ATM brands and are believed to have been perpetrated by at least seven different criminal groups.

The subjects, which are believed to still be in the U.S. and are expected to continue to carry out additional attacks, were observed opening and accessing the ATMs using magnets and generic Keys designed to unlock an ATM’s exterior.

Secret Service Recommendations


Mitigation and Prevention
Independent ATM deployers, retailers and financial institutions should proactively reach out to their ATM vendors to ensure their terminals and software are up-to-date on all security protocols.

• Follow the security recommendations of manufacturers and other vendors to ensure you have the latest updates, hardware, software and firmware.
• Make certain your operating systems and configurations are up-to-date.
• All ATM hard drives should be encrypted.
• Secure your network communications by fully enabling TLS encryption.
• Limit physical access to ATMs by securing Keys. Generic Keys, which can often be purchased on the Internet, can lead to unauthorized access to multiple ATMs.
• Implement multi-factor authentication, wherever possible, for all your ATM service technicians.

Response to Possible Jackpotting Incidents
If you suspect your ATM has been compromised, please take the following specific steps:

• Before opening the ATM, wear gloves to avoid contaminating any potential DNA evidence and fingerprints.
• Before removing any unauthorized devices from the ATM, photograph all components in place, including the hard drive and any attached devices.
• Contact your local Secret Service Cyber Fraud Field Service Office to report the incident. Report Crimes Here

Download the Official Notice