Kaspersky Lab has discovered an ATM jackpotting kit for sale on the Dark Web which provides step-by-step instructions for non-techies to crack open a cash machine.
Cutlet Maker consists of three components and enables ATM jackpotting if the attacker is able to gain physical access to the machine. The toolset, which could potentially allow criminals to steal millions, is on sale for just £3,788 and comes with an "ATM hacking for dummies" user guide.
Europe saw a surge in the number of ATM black box attacks - where devices are attached to machines and command cash outs - in the first half of 2017.
There were 114 such attacks across 11 countries over the six months, more than 300% up on the 28 seen in H1 2016, according to the European Association for Secure Transactions (East), which estimates related losses of EUR1.5 million.
In the case of Cutlet Maker, criminals need to gain direct access to an ATM’s insides in order to access the USB port, which is used to upload the malware. If successful, they plug in a USB device which stores the software toolkit. The toolkit relays information on the currency, value and number of notes in each cassette to maximise returns.
Says Kaspersky Lab: "Although malicious tools for hacking ATMs have been known for many years, the latest discovery shows that malware creators are investing more and more resources into making their 'products' available for criminals who are not very familiar with computer science."
Cutlet Maker has been on sale since 27 March 2017; however, researchers found that the earliest known sample came onto the security community's radar in June 2016. The guidelines that come with the malware kit contain videos which their authors present as real-life proof of the malware's efficiency.
Konstantin Zykov, security researcher at Kaspersky Lab, says: "This may potentially become a dangerous threat to financial organisations. But what is more important is that while operating, Cutlet Maker interacts with the ATM's software and hardware, encountering almost no security obstacles at all. This should be changed in order to harden ATM machines."