Hacker Figures Out How To Make ATM Spew Cash, Tells The World About It

Hacker Figures Out How To Make ATM Spew Cash, Tells The World About It

In need of extra cash? Who isn't, right? If you're a smart hacker, you may be able to make a small fortune by simply tricking an ATM or two into spitting out money for you. We know that sounds crazy, and it certainly is, but it's true nonetheless. At the annual Black Hat conference -- where hackers and security experts gather to make public certain loopholes in order to encourage companies to fix them -- Barnaby Jack was able to demonstrate how he could trick an ATM into spitting out all of its cash, and more.

The hacker spent two full years perfecting the ruse, which applied to the ATMs found often in front of convenience stores. The goal was to find a way to take control of the ATM by "exploiting weaknesses in the computers that run the machines," but unlike malicious hackers, his goal was to make this information public so that companies making them would take notice and close up these holes for thieves to exploit. 


His demonstration was one of the most widely viewed at the show, mostly because it affects a wide variety of ATMs and has the potential to really cause a lot of havoc. This is definitely an easy way to snatch cash -- far easier than robbing a bank -- and if this information fell into the wrong hands, it could really spell trouble. He was supposed to showcase this last year, but out of a fear that ATM makers couldn't close the loopholes in time, he delayed it until this year and spent the last 12 months finding even more holes.

He noticed that "the physical keys that came with his machines were the same for all ATMs of that type made by that manufacturer," so there's an easy way to get inside right there. Once you're in, he used the key to "unlock a compartment in the ATM that had standard USB slots. He inserted a program he had written into one of them, commanding the ATM to dump its vaults. — He hacked into the machines by exploiting weaknesses in the way ATM makers communicate with the machines over the Internet."

Follow the link below for the full report; it's definitely an interesting read.
0
+ -

There is no link below :-( lol

My buddy used to work on these things.

He said you can easily make the machine thinks it's spitting out ones instead of $20s lol

Withdraw $20... and you'll get $400.

0
+ -

Where is the link????

0
+ -

quick start robbing atms before they change them

0
+ -

"magically grabs the code, then runs over to an ATM..." lol that would be a great fast way to to grab a new build :D

0
+ -

I read about this elsewhere because there's no link here.

The guy tried to hide the manufacture's names and the exact method of cracking them, but two of the machines displayed logos on the screens anyway. He notified the manufacturers as to the vulnerabilities the machines have long ago, and updated code has already been applied to many of the ATM's throughout the country. Yes, he cracked them, but revealed it all responsibly too.

Cool Beans.

0
+ -

I wonder how they could have hacked such a perfect system.

0
+ -

lol looks like a pretty good security measure to me Evil.. in 7 days no one will be able to use that ATM at all.. let alone hack it! lol

0
+ -

lol 3vi1, what acarzt said :D. But looks like someone wasn't do their part of the job when putting this together... :)

0
+ -

Love that pic...What is that, Playschools "My first ATM"?

John Conner was doing this back in the 90's, maybe this is how Skynet takes over:P

0
+ -

Good to see "Ethical Hacking"

Somebody get that man an application!!!!

0
+ -

People do this kind of hacking all the time. It's just rare you actually hear about it :-P

0
+ -

@lonewolf: "Ethical Hacking"

The guy works for a computer security firm. He's uncovered many vulnerabilities in OS's and Browsers in the past. It's his day job.

He did this project at home, in his spare time, with his own money, then told the affected ATM makers far in advance, about how he did it without sharing his exact techniques with the world when he announced.

Sounds ethical to me.

 

0
+ -

Video links here

 

enjoy..

Login or Register to Comment
Post a Comment
Username:   Password: