Diebold Nixdorf has alerted banks in Europe to a novel type of black box jackpotting attacks on its ProCash 2050x ATM terminals.
A traditional black box attacks entails a device fraudsters attach to an ATM to get it to dispense cash on demand by hobbling communications with the cash-handling compartment.
The new black box variant uncovered by Diedbold appears to contain parts of the software stack of the attacked ATM. In these incidents, attackers are focusing on outdoor systems and are destroying parts of the fascia in order to gain physical access to the head compartment, plugging their black box directly into the ATM.
"The investigation into how these parts were obtained by the fraudster is ongoing," states Diebold in its bulletin to banks. "One possibility could be via an offline attack against an unencrypted hard disc."
The firm has not specified how much has been stolen in the attacks, which were uncovered following a series of ATM jackpotting attacks that took place in Belgium last month. The attacks forced Belgian savings bank Argenta to shut down 143 ATMs.
The incident is a big blemish for Diebold Nixdorf, which in February won a contract with a group of four Belgian banks - including Argenta - and the country's postal service to help them manage a new shared ATM network.