Hacker extracts cash from ATMs
Last Updated: Thursday, July 29, 2010 | 10:20 AM ET
The Associated Press
Related
The attacks demonstrated Wednesday targeted standalone ATMs. But they could potentially be used against the ATMs operated by mainstream banks.
(Tony Smyth/CBC)A hacker has discovered a way to force ATMs to disgorge their cash by hijacking the computers inside them.
The attacks demonstrated Wednesday in Las Vegas targeted standalone ATMs. But they could potentially be used against the ATMs operated by mainstream banks.
Criminals have long known that ATMs aren't tamperproof.
There are many types of attacks in use today, ranging from sophisticated to foolhardy: installing fake card readers to steal card numbers, hiding tiny surveillance cameras to capture PIN codes, covering the dispensing slot to intercept money and even hauling the ATMs away with trucks in hopes of cracking them open later.
Computer hacker Barnaby Jack spent two years tinkering in his Silicon Valley apartment with ATMs he bought online. These were standalone machines, the type seen in front of convenience stores, rather than the ones in bank branches.
His goal was to find ways to take control of ATMs by exploiting weaknesses in the computers that run the machines.
He showed off his results at the Black Hat conference in Las Vegas, an annual gathering devoted to exposing the latest computer-security vulnerabilities.
His attacks have wide implications because they affect multiple types of ATMs and exploit weaknesses in software and security measures that are used throughout the industry.
His talk was one of the conference's most widely anticipated, as it had been pulled a year ago over concerns that fixes for the ATMs wouldn't be in place in time. He used the extra year to craft more dangerous attacks.
Jack, who works as director of security research for Seattle-based IOActive Inc., showed in a theatrical demonstration two ways he can get ATMs to spit out money:
- He found that the physical keys that came with his machines were the same for all ATMs of that type made by that manufacturer. He used his key to unlock a compartment in the ATM that had standard USB slots. He then inserted a program he had written into one of them, commanding the ATM to dump its vaults.
- Jack also hacked into ATMs by exploiting weaknesses in the way ATM makers communicate with the machines over the internet. He said the problem is that outsiders are permitted to bypass the need for a password.
Jack said the goal of his talk "isn't to teach everybody how to hack ATMs. It's to raise the issue and have ATM manufacturers be proactive about implementing fixes."
Share Tools
Top News Headlines
- Greece passes new austerity deal amid rioting
- Greek lawmakers have approved harsh new austerity measures demanded by bailout creditors to save the debt-crippled nation from bankruptcy, after riots in Athens and other cities left stores looted and burned and more than 120 people hurt. more »
- Quebec town 'heartbroken' after killing of woman, sisters
- A small Quebec town is in mourning Sunday after a Quebec man was charged with killing his nieces and his mother, who were found dead in their family home. more »
- Houston autopsy results withheld by police
- Whitney Houston was found in a hotel bathtub but it'll take weeks to determine precisely how she died, a Los Angeles coroner's official says. more »
- Musicians who died before their time
- The growing list of musicians who have died young. more »
Latest Business Headlines
- Air Canada reaches tentative deal with dispatchers
- Air Canada has reached a tentative collective agreement with the Canadian Airline Dispatchers Association, representing the airline's 74 flight dispatchers. more »
- Old Age Security untouched until 2020, Flaherty says
- Finance Minister Jim Flaherty says Canadians should expect no changes to Old Age Security benefits before 2020 or 2025, and details about reform would be outlined over more than one budget. more »
- CAW questions Caterpillar takeover of Electro-Motive
- The head of the Canadian Auto Workers is suggesting Caterpillar Inc. may not have followed foreign takeover rules in its 2010 purchase of the London, Ont., locomotive plant it has since shut down. more »
- Canada's trade surplus doubles in December
- Statistics Canada says exports rose 4.5 per cent in December and imports edged up 0.8 per cent, pushing the country's trade surplus with the rest of the world to $2.7 billion from $1.2 billion in November. more »
Lang & O'Leary Exchange
Markets
| Index | Last Trade | Change |
|---|---|---|
| TSX COMPOSITE | 12389.42 | -108.52 |
| DOW | 12801.23 | -89.23 |
| NASDAQ | 2903.88 | -23.35 |
| SP 500 | 1342.64 | -9.31 |
| NYSE COMPOSITE | 7992.05 | -89.2 |
| AMEX | 2417.98 | -18.65 |
| TSX-VENTURE | 1653.55 | -11.27 |
The data on this site is informational only and may be delayed; it is not intended as trading or investment advice and you should not rely on it as such.
Business Features
- Pop queen Whitney Houston dies at 48
- Houston autopsy results withheld by police
- Greece passes new austerity deal amid rioting
- Foo Fighters win 5 Grammys
- Carleton University confirms death of student
- Quebec town 'heartbroken' after killing of woman, sisters
- Ultimate Tazer Ball combines shock and soccer
- Manitoba man dies after falling off moving SUV
- Adults-only trade show cancelled in B.C. Bible belt
