As if credit unions did not have enough to worry about, the Secret Service is now warning financial institutions of robbers remotely commanding ATMs to spew out cash.
It's called jackpotting, a scheme in which malicious software and/or hardware installed at ATMs induces the machines to spit out cash to fraudsters at a rate of 40 bills every 23 seconds.
Brian Krebs, in his blog KrebsOnSecurity, noted jackpotting has long threatened European and Asian banks, but the U.S. Secret Service started warning financial institutions of attacks targeting cash machines in the U.S.
On Jan. 21, 2018, KrebsOnSecurity said it began hearing rumblings about jackpotting hitting U.S. ATMs. Krebs said on Jan. 26, NCR sent an advisory to its customers about alerts from the Secret Service and other sources about jackpotting against U.S. ATMs.
Krebs said his source reported that the Secret Service warned that organized criminal gangs were attacking stand-alone ATMs in the U.S. using "Ploutus.D," an advanced strain of jackpotting malware first spotted in Mexico in 2013.
The scheme worked like this: cash-out crews dressed as ATM technicians attached a laptop computer with a mirror image of the ATM's operating system, along with a mobile device, to the targeted ATM. The targeted stand-alone ATMs are routinely located in pharmacies and big box retailers, and include drive-thru ATMs, according to the Secret Service alert obtained by Krebs.
"ATM Jackpotting has actually been around for a few years in various forms, but hackers need to have access to the machine physically or through the bank network to pull this off," Don Duncan, security engineer for Vancouver, British Columbia, Canada-based NuData, said. Hackers do not necessarily take advantage of actual exploits, but go after physical and networking lapses that allow access to the system. Duncan explained that regular maintenance and reviews of the system help eliminate opportunities for criminals, enabling the ATM system to become stronger over time.
"Jackpotting are logical attacks that can be launched from malware," Terry Pierce, senior product manager for Rancho Cucamonga, Calif.-based CO-OP Financial Services, said. "These attacks infiltrate an ATM network offline, or from a piece of hardware known as a 'black box' placed inside the ATM, and connected directly to the cash dispenser. It reprograms the ATM canister to dispense cash."
Pierce suggested protection from logical attacks is only possible through the layered and comprehensive deployment of security guidelines. "Some of the best practices available to credit unions are adding whitelisting and blacklisting solutions that prevent fraudsters from hijacking the ATM, deploying anti-virus and patches, adding firewalls and implementing TLS 1.2 (Transportation Layer Security) encryption," she maintained. "Credit unions should also have procedures that only authorized personnel have access to the ATMs and have an established, strong password policy to protect access at the ATM. I would additionally recommend that the credit unions reach out to their ATM vendor for solutions to protect their ATMs from this type of attack."
The recent reports of jackpotting attacks in the U.S. are another example of how fraud prevention must be a holistic approach across all channels, Jack Lynch, SVP, Chief Risk Officer at St. Petersburg, Fla.-based PSCU, pointed out. "As we see fraud decreasing in counterfeit cards due to EMV, along with PSCU's aggressive use of analytics and implementing other fraud fighting tools, we will continue to see fraudsters looking to find the weakest link to commit other types of fraud. In this case, crooks uncovered a weakness in ATMs that are running older operating systems."
"ATMs at retail locations are more susceptible to jackpotting and other types of on-site fraud attacks as they are standalone and typically not built into a wall or cabinet that would limit access by fraudsters," Lynch noted. "ATMs at a credit union location are less likely to be hit due to limited access and higher physical security."
"Jackpotting attempts also highlight the need to ensure the optimal software configuration is installed and enabled," Lynch recommended. In addition, a key strategy to reduce the potential of fraud attacks is to review and implement physical security changes where required. "This includes how the ATM is accessed and monitored for suspicious activity."