ATMs are a funny thing. Still heavily used, but slowly winding down as payments by card and mobile win over hard cash. For hackers, however, they are still prime targets.
First off, skimming. If you haven’t heard of skimming, this is one of the more common attacks against ATMs that you should be aware of. Generally speaking, this involves two pieces:
- A small camera setup to catch you entering your pin number
- An additional faceplate that is placed over the card reader that reads your card as you slide it in, such as the one below, available for purchase on many websites.

What do you do about skimming? Be vigilant. Give the card reader a tug to see if it comes off easily (but don’t break the machine), check around the PIN pad for pinhole cameras (no pun intended), and cover your PIN entry as best you can. Skimmers are getting more and more complex, but vigilance will keep you safe from the vast majority of them.
ATMs can get viruses, too
More technical hackers have been increasingly leveraging malware directly — they will infect the ATM via vulnerabilities or by bypassing security controls, assuming there are any. Many ATMs still run Windows XP if that gives you any indication of how vulnerable these things are. Again, this plays into why we suck at cyber security; failing to upgrade, patch, or simply consider how bad guys might try to attack the systems being developed leaves systems such as these ripe for fledgling hackers.
For malware designed to empty the ATM, industry researchers have adopted the term “jackpotting”, an appropriate play on the purpose of the malware. The goal? What else, but money. Infect the ATMs and withdraw the cash before getting caught. One particular group, however, spent a bit of extra time to have some fun with their program.
WinPot malware
This particular malware plays off of the jackpotting term and displays the interface as if it were a slot machine. The malware determines how many bills are in each cassette in the ATM and, in theory, dispenses a random amount of bills from each cassette when the SPIN button is pressed.

This is really for the hackers’ entertainment, however; don’t count on being lucky enough to walk up to a slot-machine-ATM. You can buy the malware for your own uses for between $500 and $1000, though I wouldn’t recommend it, unless the idea of prison sounds attractive.
Featured image courtesy of Pixabay
Thanks, Alex. This is so informative. And interesting!
Haha, I love that there’s a legit market for malware, with competitive prices. Capitalist underground. I don’t think I’ve used an ATM (or gone to the bank at all….) more than about once a year since I’ve been able to deposit checks remotely using my smart phone. But it was a regular part of life back in the 1990s, when I pretty much withdrew cash for everything from putting gas in the car to buying groceries. I don’t even know what it’s like to carry cash around anymore, except when I travel out of the country. (Much to the consternation… Read more »
Michelle-I work in a bank. We are gradually phasing out driveup windows, teller lines, and employees. Of course that results in less personal service as people do more on line. Our ATM’s don’t seem to get skimmed. But daily I see folks that have been compromised on line. Or scammed. Or lost their personal information via stored credit card numbers on a retailer’s site or credit bureau database. I do the same as you. But it seems that lately I’m favoring cash when possible.
I’m trying to figure out if I can ever favor cash again. It seems like so much work now. But you’re right about being compromised online…THAT’s becoming more work to avoid, too. Maybe there will be a tipping point. And I appreciate the great customer service I get from my credit union, in person or over the phone or online, on the rare occasions I need them. Hopefully that doesn’t get lost as we keep adapting to new technology… but then, we’ve probably lost a lot of things.
We have ATMs where a teller comes up on a screen and has a conversation with the user. Every transaction that can be done inside except applying for a loan can be done. We have another type of ATM that allows certain transactions and policies that opened it up for fraud. That has happened prior to a fix. And finally, we have the old kind targeted by skimmers. I have a member service person right outside my office door, so it’s easy to work with cash.
Great question! Yes. Gas stations are arguably the most common targets for skimmers at the moment. Grocery stores and other POS devices are targets as well, but are generally harder to target with people generally standing right next to them.
Good advice Alex. This past summer there were a bunch of ATM’s in our area that were found with skimmers. They were at gas/c-stores, all owned by the same owner. Didn’t take LE long to figure out that it was an employee that worked at a couple of the locations. Damn, there are just so many ways to get hacked these days. I have an elderly friend that withdrew $100 from an ATM. (paid in $20’s) From a LIGIT bank. She went to a local store, made a purchase and the alarms went off and she got locked inside. Yep!… Read more »
Ahh jeez, that’s a shame. There really are a lot of vulnerabilities out there, but it’s still reassuring that the average person can go through their daily routine and never become a victim. Nothing you can do about an ATM giving you counterfeit bills though! The insider threats (like that gas station employee) are very difficult to detect, but hopefully not too common of a practice.
I do use the bank ATM on occasion to get cash or make deposits. I don’t carry a lot of cash but there are a few places I just prefer to pay cash. I think it’s prudent to have a little bit of cash on hand and maybe stashed in a secret place in your house just in case. When I do use ATM or any card scanner, I always pull on the scanner. I try to cover my hand entering the pin especially at gas stations. There are so many ways you can get scammed these days. If all… Read more »
lol, I love the old Win 3.11 WFW GUI.