Cybercriminals began targeting automated teller machine (ATM) software back in 2009. Since then, new ATM malware families have been springing up every year. By 2016, fraudsters realized that the ATMs could be accessed through the network.
Cybercrooks have two options to loot an ATM: leverage direct physical access to an ATM endpoint or gain access to the machine through the network. he latter method is progressively gaining popularity because it eliminates the need to physically access a target ATM, increasing the chance of success. Once the network is compromised and malware is installed on the endpoint, a money mule who is standing by picks up the cash and whisks away.