Professional Documents
Culture Documents
Hack For Free Cash: ATMs Take Just 20 Minutes To Crack
Hack For Free Cash: ATMs Take Just 20 Minutes To Crack
Hack For Free Cash: ATMs Take Just 20 Minutes To Crack
SIGN UP HERE
ATM Vulnerabilities
They found that 58 percent of the ATMs tested were at risk to threat
actors breaching the network through poor cybersecurity practices, such
as out of date software and weak rewall protection.
Hit it Hard
By far the most successful type of attack was a direct hack of the ATM
itself, although this required physical access.
If the attacker is able to manipulate the ATM so that they can unplug the
Ethernet cable and connect a device, they are then able to conduct
attacks on the network service or man-in-the-middle attacks.
This method worked 85 percent of the time on the tested ATMs with the
researchers nding that: “Sometimes the modem is located outside of
the ATM cabinet, so an attacker would not even have to open up the ATM
in order to perform modi cations.”
See Also: Magecart’s 7 Groups: Hackers Dropping Counter-Intelligence Code
in JavaScript Skimmers
The quickest method is also the loudest, Positive Technologies carried
out Black Box attacks which only took 10 minutes to obtain cash from the
machine.
A Black Box attack is done by drilling a hole in the side of the ATM case to
gain access to the cables connecting the ATM cash box to the ATM OS. A
ready made tool is then connected to the ATM letting the threat actors
withdraw as much cash as they like.
However, they state that the rst step that needs to be done is to:
“Physically secure the ATM cabinet and surroundings. Exploiting most of
the vulnerabilities we found would be impossible without access to the
on-board computer and peripheral ports.”
Tech Monitor
Social
Powered by