A security researcher at the Black Hat conference has demonstrated a hack technique that caused bank ATMs to vend all their cash.
Giving a presentation at the Black Hat 2010 conference in Las Vegas, security researcher Barnaby Jack demonstrated how it is possible to hack ATM machines into not only providing all their cash but storing card details of would-be customers.
The hack involved gaining access to the internals with a universal key bought off the Internet and then using a USB key loaded with a set of rootkit software. Jack said that he had been due to give the presentation the previous year but due to "circumstances beyond my control" had been forced to cancel the talk.
Jack said the benefit was that he had another year to research ATM attacks. The Black Hat talk demonstrated attacks on two different models of ATM machines both local and remote. The remote attacks were based on the idea that stand alone ATMs are on telephone lines.
"I've always liked the scene in Terminator 2 where John Connor walks up to an ATM, interfaces his Atari to the card reader and retrieves cash from the machine. I think I've got that kid beat," wrote Jack in the briefing description," wrote Jack.
The goal of the talk, as with others of a similar nature at the Black Hat conference, is to draw attention to security issues and discuss defence strategies. For his part Jack advocated unique ATM hardware keys and protected software environments that would not be vulnerable to the type of attack Jack had demonstrated.
Advertisement
Related Stories
- Over half of UK companies infected by malware Feb 13th 2012 at 11:57AM
- Google describes 'Bouncer' Android anti-malware system Feb 3rd 2012 at 6:41AM
- Apple OS X updates released Feb 2nd 2012 at 5:44AM
- Symantec tells users to disable PCAnywhere Jan 27th 2012 at 7:10AM
- Russian gang expose shuts down Facebook virus Koobface Jan 19th 2012 at 4:38AM
- 'Lilupophilupop' SQL hack tops one million infected sites Jan 6th 2012 at 5:01AM
- Dozens of Android apps pulled over premium SMS scam Dec 14th 2011 at 9:51PM
- Sophos USB drive buy results in investigation Dec 13th 2011 at 6:08AM
- Two thirds of lost USB sticks are infected Dec 8th 2011 at 5:05AM
- Kaspersky ditches BSA over anti-piracy bill Dec 6th 2011 at 2:27AM
Follow Follow this article if you would like to receive notifications of updates.
Add a new comment
You need to be logged in to post comments. If you do not have an account then please register.
Comments
0 comments
There are no comments yet, be the first to add one!