The success of "Jackpotting" and other malware-enabled attacks on ATMs highlight the challenges of protecting ATM devices against motivated adversaries. In 2016, hackers in Japan stole $13 million USD from ATMs in a three-hour, 14,000 withdrawal spree. In Taiwan, hackers breached a major domestic bank in the same year and used malware to withdraw more than $2 million USD from dozens of ATMs. A similar crime also occurred in August 2018, in which an India-based bank system was hacked via a malware attack on its ATM server and nearly $13.5 million USD was successfully siphoned off.

These devices often use older hardware and operating systems, lack reliable network connectivity for updates, and are difficult to manage. As the result, it is impractical to rely solely on traditional technologies such as antivirus and application whitelisting for safeguarding these critical assets. ATM attacks bypass such baseline security controls, allowing criminals to dispense cash and steal customer data.
‍
The POS network and devices in several big retail store and restaurants' chains have also been compromised causing millions of dollars in losses.
Minerva’s Anti-Evasion Platform is effective in protecting ATM and POS devices from these threats even when attackers bypass the other security measures

Safeguarding ATM Applications

Cyber-criminals employ specialized malware to interface with ATM software to dispense cash. Minerva’s Anti-Evasion Platform prevents malicious code from interacting with ATM middleware components such as XFS. As the result, even if malware finds a way to run on the ATM, it will be unable to direct the ATM application to take unauthorized actions. Upon preventing the attack, Minerva notifies the IT and security teams about the security event. However, even if the organization is unable to respond to the incident right away, the ATM remains in a protected state, with the attackers failing to reach their objective.