THE FBI is warning banks that hackers are planning a "highly-coordinated" global fraud scheme dubbed 'ATM cash-out'.
The "imminent" attacks will see cybercriminals target a bank or payment card processor, the FBI says, with hackers planning to use cloned cards at cash machines across the world to fraudulently withdraw millions of dollars in a matter of hours.
It is believed that the attacks are linked with a major security breach at a card issuer, with the attackers using malware to access customer card information and obtain network access.
That's according to Krebs on Security, who says FBI intelligence indicates that cybercriminals across the world are preparing to carry out the highly choreographed cash-out imminently.
"The FBI has obtained unspecified reporting indicating cybercriminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation'," reads a confidential alert sent out by the FBI, shared privately with US banks last Friday.
"Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cybersecurity controls, budgets, or third-party vendor vulnerabilities," the alert says.
"The FBI expects the ubiquity of this activity to continue or possibly increase in the near future."
Just before executing ATM cashouts, the organised cybercrime gangs will remove many of the fraud controls of the banks using phishing techniques, such as ridding of the maximum ATM withdrawal amount, or any limits on the number of customer transactions per day, maximising how much they can steal.
The crooks could also have the capability to alter account balances and security measures to make an unlimited amount of money available at the time of the transactions.
"The cybercriminals typically create fraudulent copies of legitimate cards by sending stolen card data to co-conspirators who imprint the data on reusable magnetic strip cards, such as gift cards purchased at retail stores," the FBI warned. "At a pre-determined time, the co-conspirators withdraw account funds from ATMs using these cards."
Almost all of the ATM cash-out operations launched so far have been done so on weekends, Krebs said, often just after financial institutions begin closing for business on Saturday.
In preparation for the forthcoming attacks, the FBI is now urging banks to review how they handle security, such as implementing two-factor authentication using a physical or digital token when possible for local administrators and business critical roles. µ
CNIL slams firm's lack of transparency around user data
Some like it less hot
India's five message limit rolls out globally