Hacking into an ATM is not a big deal anymore .On Wednesday, in Las Vegas it was demonstrated by a security researcher that with the right software hacking into an ATM is possible and easy.
At the Black Hat conference. Barbany Jack, director of IQ Active, right in front of a large audience hauled two ATM machines and showed how just by pressing a button and the machine will disgorge all the money inside it.
“I hope to change the way people look at devices that from the outside are seemingly impenetrable” said Jack, a New Zealand native who lives in the San Jose area.
He demonstrated one weakness that can make any hacker connect to the machine through telephone or a modem and without even knowing the password, instantly can get all the cash out from the machine.
Jack bought two ATM machines over the internet. Out of the two one was manufactured by the Tranax Technologies and the other by triton. These are generic type of ATM machine found in various bars and stores. For years these machines have been hit by the criminals using ATM skimmers to record card data and PIN numbers, or in some cases simply pulling up a truck and hauling the machines.
Jack says most of the machines have remote management tools that can be accessed through the telephone and then can be attacked.
Jack studied the programming errors and vulnerabilities of the machine. He said the machines let him have complete access. He also learned techniques that can be to open built in safes of many others made by the same company.
Jack said that Every ATM he looked at, he found a game-over vulnerability that allows an attacker to get cash from the machine.
Jack intended to present this in the last year’s conference, but it got delayed as the ATM vendors asked for more time to fix the issues found by him.
Hacking into an ATM is not a big deal anymore .On Wednesday, in Las Vegas it was demonstrated by a security researcher that with the right software hacking into an ATM is possible and easy.
At the Black Hat conference. Barbany Jack, director of IQ Active, right in front of a large audience hauled two ATM machines and showed how just by pressing a button and the machine will disgorge all the money inside it.
“I hope to change the way people look at devices that from the outside are seemingly impenetrable” said Jack, a New Zealand native who lives in the San Jose area.
He demonstrated one weakness that can make any hacker connect to the machine through telephone or a modem and without even knowing the password, instantly can get all the cash out from the machine.
Jack bought two ATM machines over the internet. Out of the two one was manufactured by the Tranax Technologies and the other by triton. These are generic type of ATM machine found in various bars and stores. For years these machines have been hit by the criminals using ATM skimmers to record card data and PIN numbers, or in some cases simply pulling up a truck and hauling the machines.
Jack says most of the machines have remote management tools that can be accessed through the telephone and then can be attacked.
Jack studied the programming errors and vulnerabilities of the machine. He said the machines let him have complete access. He also learned techniques that can be to open built in safes of many others made by the same company.
Jack said that Every ATM he looked at, he found a game-over vulnerability that allows an attacker to get cash from the machine.
Jack intended to present this in the last year’s conference, but it got delayed as the ATM vendors asked for more time to fix the issues found by him.
Random Posts
