Hacked documents from Transnational Bank Limited shows that in 2018, thieves hit the Automated Teller Machines (ATM) of the bank, twice, making away with money.
On 21st July 2018, a ATM Incident report seen by Kenyanbusinessfeed.com prepared by ICT Manager Peter Gitonga shows that the ATMs belonging to Eldoret and Burnt Forest branches of the bank were stolen from using a technique known as ATM Jackpotting.
ATM jackpotting is exploitation of physical and software vulnerabilities in ATMs that result the machine dispensing some cash as instructed by cyber criminals.
The problem description given by the IT department reads, ‘ATM reconciliations carried out by Eldoret and Burnt Forest branches on 26th July 2028 indicate physical cash differences’.
The thieves are said to have taken advantage of lapses in physical security and removed the logo panel and drilled on the glass separating the logo panel and the ATM’s internal components.
The rest of the report signed by Peter Gitonga, ICT Manager and Laban Molonko, the General Manager incharge of Strategy and Finance states, ‘they then used some object to enlarge the gap allowing them to insert endoscopy-like tube with camera and USB cable. Once inserted to a USB port on the ATM’s CPU, the other end of the USB cable is connected to a Phone/Tablet/Laptop creating a USB tethering connection whereby malicious software (Malware) can be installed to the ATM. Various ackpotting ATM Malwares have been created by cyber criminals e.g. Ploutus Variants, Cutlet Maker variants and Ripper Variants which target all ATM models. The likely Malware variant installed in these two ATMs is the Cutlet Maker variant which is the most advanced version that takes over the ATM dispensing role from a chosen cassette. In this case, only the Type 4 cassette that holds the 1000 denominations was affected. This shall become clearer once cyber forensic audit is completed on the affected ATMs”.
ATM Jackpotting was also used in the case of Barclays Bank ATM at Umoja Mutindwa in 2019.
‘with physical access to the machine, ATM Jackpotting enables the theft of the machine’s cash reserves, which are not tied to the balance of any bank account. Cyber Criminals who are successful and remain undetected can walk away with all the machine’s cash’.
The amount of money stolen from Transnational Bank Limited in 2018 was never revealed. Of course, there was no such news either.
Kenyan Business Feed is the top Kenyan Business Blog. We share news from Kenya and across the region. To contact us with any alert, please email us to [email protected]