FBI warns banks about potential ATM hacking scheme
The FBI is warning financial institutions that their ATMs could be targeted in a hacking attempt.
The threat was reported Sunday by Krebs On Security, a popular cybersecurity blog run by the journalist Brian Krebs.
Krebs reported that the scheme is known as an “ATM cash-out,” which means the attackers can hack a bank or payment card processor and use stolen information to withdraw large sums of money at ATMs worldwide. His report cited a confidential alert the FBI shared with banks last Friday.
The FBI did not comment specifically on this potential attack. In a statement to CNN, a spokeswoman said that “in furtherance of public-private partnerships, the FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations.”
“This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals,” the spokeswoman said.
CNN reached out to two major banks, Wells Fargo and JPMorgan Chase, both of which declined to comment.
Krebs has reported on similar “unlimited operations” before, including a scheme in which more than $2 million was stolen from a Virginia bank in 2016 and 2017.
The alert, called a private industry notification, was sent to a narrow group of cybersecurity professionals and system administrators at financial firms that had assets at risk, according to a federal law enforcement official.
Though the FBI at times makes PSAs for significant cybersecurity threats, like when they told the public in May to reboot certain internet routers after a malware attack, no wider notification was made about the ATM scheme.
–CNN’s Matt Egan and David Shortell contributed to this report.