ATM Attacks in 2019 Brought Criminals Only Small Gains

In 2019, attacks on ATMs using specialized malware and jackpotting techniques stopped being a lucrative source of income for criminals. During the first half of 2019, criminal groups involved in ATM attacks made less than €1,000 from a single successful campaign.

Across Europe, banks reported a total of 35 incidents involving ATM malware and jackpotting techniques. Jackpotting refers to a type of ATM attack where criminals force the machine to literally “spit out” cash.

The nonprofit organization European Association for Secure Transactions (EAST) conducted research into these incidents during the first half of the year.

“Malware was used in every third attack. In the remaining cases, criminals resorted to jackpotting,” the EAST report (PDF) states. “These operations resulted in minimal losses for financial institutions. In one case, criminals managed to steal less than €1,000. The average amount of losses also dropped significantly—by approximately 100%.”

Thus, for the second year in a row, criminal groups have been unable to steal significant sums using specialized malware designed for ATM attacks.