6 Ways to Hack an ATM – ATM Hacking Methods

Need to hear something that is both interesting and scary? A wide-ranging report that came out a year ago found that most ATMs can be hacked in less than five minutes when money is being transferred. Worryingly, 85 percent of the ATMs that were tested let an attacker get into the organization, and 58 percent had flaws in their organization parts or administrations that could be used to take control of the ATM from afar and attack money transfer services and apps. 6 Ways to Hack an ATM

All of this just shows that ATMs are much weaker than we thought. This can be a scary thought, given that they hold huge amounts of money and have important information about customers. Especially since most of us don’t know how easy it is to attack an ATM and how helpless they really are.

Using ATM Malware Card

On the dark web, anybody can buy an ATM Malware Card, that comes with the PIN Descriptor, Trigger Card and an Instruction Guide. This manual provides step-by-step instructions on how to use the card to suspend cash from ATM machines. Once the ATM Malware card is installed in the ATM, it captures card details of all the customers who subsequently use the ATM. The Trigger card is then used to dispense cash from ATMs.

The image above shows the product description provided on dark web marketplaces, to advertise the features and benefits. This malware mainly targets ATM machines that run on Windows XP. This card is capable of drawing out all the money that is available in the affected machine; which could amount to as much as $500,000. The product description is so detailed that even a layman can use it to hack an ATM.

Using Botnets

Here on Dark Web, there are many tutorials and real-world case studies that show how programmers hack money transfer sites when people send money online. For example, there is a full tutorial on how botnets can be used to hack into online bank accounts and money transfer services on an underground hacking forum. You can also buy videos on the Dark Web that show step-by-step how to hack ATMs. Most of the time, these videos cost $100 each. 6 Ways to Hack an ATM

Ploutus-D ATM Attack Method

Ploutus-D has been used in attacks on ATMs and online money transfers that are still going on. The malware affects equipment like the cash dispenser, card reader, and pin cushion. It also steals important parts of a well-known multivendor ATM program. Since most users look for “money transfer near me,” this means that any programmer can quickly divide up all the money in the machine. You can now buy Ploutus-D source code and instructions on the internet at a number of business centers.

According to Marques, Ploutus needs physical access to an ATM via a USB or CD to install the malware and steal the ATM ID, which is used to activate and identify an ATM before withdrawing money.


In the most recent attacks, attackers utilized medical tools like an endoscope to go inside the ATM in order to intercept the cash dispenser communication link, sync with the ATM’s computer, and start the malware infection.

In order to force the ATMs to issue cash, the criminals who installed the virus will now get in touch with accomplices who have remote control over the machines. After infection, a remote attacker can order the ATM to dispense thousands of dollars in cash in a matter of minutes.

Ploutus-D typically targets Diebold ATM equipment, which uses the multi-vendor Kalignite platform. The ATM vendor Diebold is the target of the samples found. However, as Kalignite Platform runs on 40 distinct ATM manufacturers in 80 countries, a small code change to Ploutus-D would significantly increase its ATM vendor targets

Money Transfer Services

There are places to shop on the dark web, like money transfer companies, that take both bank and real bank cards as payment. People use the cards to buy things online, but real cards can also be used at ATMs because most people know how to move money from one bank to another. Some sites also sell credit cards that have already been loaded with money. The cost of the card is clearly the same as how much money is on it.

Using ATM Skimmers

Here on dark web, there are many ATM skimmer shops that sell EMV Skimmers, GSM Receivers, ATM Skimmers, POS, Gas Pump, Deep Insert, and other ATM hacking devices that can be used to hack international money transfers on international money transfer apps. A lot of stores sell a package that has all of these things.

These tools can be used for many different things, like hacking the best ways to send money across borders. On the one hand, there is a subset of Deep Insert devices that can be connected to ATMs to steal customers’ private financial information.

At the same time, these bundles allow the attacker to put malware on the ATM without actually being there. Hackers may use devices like Antenna to launch attacks from far away, making it even harder to find the people who did it.

A skimmer is a device that is rigged to the card reader of an ATM machine. An unsuspecting user will enter their card into the ATM, not knowing that the device attached to the slot (unnoticed or ignored) has proceeded to record their payment card data.

You might be thinking: I’d never fall for this. How difficult would it be to spot an ATM skimmer attached near the card slot? You’re not wrong. If you are aware of ATM skimmers, you probably will make sure that there is no device affixed to the ATM. However, more often than not, people approach their ATM transactions on autopilot, not noticing strange details until it’s too late.

A person uses the ATM, enters the card in the card entry slot, keys in their details, takes the money. That’s it. It all happens in a few minutes. Our mind is trained to locate the card entry slot or the mouth of the ATM, and it’s easy to ignore everything else. It is this casual lack of attention that is exploited by cybercriminals.

What’s more, modern-day ATM Skimmers are so evolved that they look like an extension of the card reader slot and the ATM as a whole. While we might spot the device and find it unusual, we might pass it off as just the latest in ATM technology.

Using ATM Malware

This is probably the most well-known way that ATM programmers use to take advantage of flaws. There are places on the dark web that send the client a full malware unit, which includes an ATM Malware Card, a PIN Descriptor, a Trigger Card, and an Instruction Guide. When the ATM malware card is used to put the malware into the ATM, the machine can get all of the check card information from customers. Then, the programmers use the Trigger Card to divide up the money from the ATM. All in all, this is probably the most popular plan on the dark web, and it comes with very clear, step-by-step instructions on how to carry it out.

The ATM malware, called Tyupkin, has several features that help it avoid detection:

  • It is only active at specific times of the night on certain days of the week, typically Sunday and Monday.
  • It requires a key to be entered based on a random seed. The criminal must know the algorithm to enter the correct key based on the randomly displayed seed.
  • Tyupkin implements anti-debug and anti-emulation techniques
  • The malware can disable McAfee Solidcore from the infected system.

This is considered to be a higher-level attack because it attacks the bank directly, bypassing the need for capturing consumer debit card data using skimming devices. Unlike skimming attacks, which only require access to the public space around a machine, the malware attack requires access to the back end of the ATM. The investigation revealed that only ATMs with no active secure alarm were infected. Therefore, installing alarms and eliminating the use of master keys are two easy mitigating controls that can be implemented.

At ATMs where security alarms are installed, cybercriminals may seek a complicit insider at the bank, ATM vendor or security service vendor to install the malware. Additionally, bank personnel could be socially engineered to allow access to the machine by someone purporting to be associated with a vendor. 6 Ways to Hack an ATM




Contact Us Click Here