A bank teller from Freiburg, Germany, found incredible behavior on the part of his bank's ATM.
A message on the control panel did not bode well: "Ho Ho Ho! Today we make the cutlets! ". The employee did not immediately grasp the meaning (and neither do I), but hackers had infected the ATM with Cutlet Maker, a rather singular malware.
The first jackpot attack in history, and here is the result: the ATM starts throwing out all its money until it runs out of steam. Let's face it, it's everyone's dream.
An investigation conducted by Motherboard, a column on the Vice site and by German broadcaster Bayerischer Rundfunk has revealed (comprehensibly) few details on the method. It is a fact, however, that attacks with Cutlet Maker are increasing almost everywhere, especially targeting branches with outdated or outdated software.
An investigation by the leading cybersecurity company, the Kaspersky, warns since May 2017 on the risk of the spread of this malware, even releasing this informative video.
Last spring 36 cases were recorded in Germany alone.
What I find among the various sources is that hackers usually install the malware through a physical access point of the same ATM.
Targets used to infect are USB ports or even (I'm very skeptical of the hypothesis) the headphone jack located on several doors. Even the software to “pierce” the ATM would be quite accessible, around 1000 euros.
It looks like the Hollywood version of a hacker attack: an ATM that starts throwing away all its money is a scene that hits the collective imagination. All the details of the news seem striking to the point of making it seem bogus.
Unfortunately, this is a rather realistic scenario, and the staff involved in the investigation even managed to purchase a copy of the offending software.