The thefts came to light in July after the lender involved noticed several its ATMs were being emptied despite their use of safes to protect the cash inside. After surveillance was increased, the bank discovered the criminals were vandalising the machines to use the infected USB sticks. The malware was installed onto the ATMs via USB sticks, and once the malware had been transferred they patched the holes up. This allowed the same machines to be targeted several times without the hack being discovered.
Link to Original Source