📜 ⬆️ ⬇️

At the Black Hat conference, a hacker revealed a new way to hack ATMs.


Actually, the word “hacker” is used here in a positive context, without implying a computer hacker. Quite the contrary - network security specialist Jack Barnaby learned how to hack ATMs in order to tell developers the main system vulnerabilities. In general, Jack found a simple way to learn how to hack ATMs (as every second teenager probably dreams of) - he just bought two ATMs from two different manufacturers, Tranax Technologies and Triton, at auction.

According to Jack, after he spent a year on studying the software and hardware of these devices. Now he can extract banknotes from any ATM he studied until he runs out of the ATM itself. In general, outwardly, all this looks even simpler than in the movie "Terminator-2" (yes, I know that this is just a director's trick; in this way you cannot hack an ATM). So, the hacker presented two ways of hacking ATMs - the first allows you to log in via a telephone modem, and the second method allows you to retrieve bills without having to enter a password for a credit card.
Jack says that the vulnerabilities he found are very critical, but the information about them has already been passed on to manufacturers.

In the case of ATM from Tranax, the hacker found a critical remote access vulnerability that allows you to gain full access to the system without having to enter a password. To exploit the vulnerability, an appropriate exploit was written, called Dillinger. Accordingly, another exploit was written for the second type of ATMs - Scrooge.

The first exploit allows you to exploit a vulnerability in remote access technology to an ATM. The second is a rootkit that enters into the backdoor system, which is not shown in the list of running applications. You can call it by entering a combination of keystrokes or a specially made map.

By the way, ATMs from Triton do not have remote access vulnerabilities (at least, the hacker did not find it). But the hardware of this device is standard, and the motherboard, which provides access to money, is protected by a standard key that Jack bought for $ 10 on the Net. In general, all this allowed the hacker to install the backdoor in the system as a system update.

More detailed information, unfortunately, is unavailable, the hacker has not posted his work in the public domain. By the way, after his appeal to the manufacturers, the Triton management responded quickly, quickly installing updates that close the vulnerability. But Tranax is still silent.

By the way, Jack was supposed to speak at the last conference, but his speech was canceled at the last minute as a result of some technical overlays.

Interestingly, most of the ATMs of these manufacturers, which are installed in public areas, do not have protection against the vulnerabilities found by Jack. But new ATMs are already delivered with closed "holes".

Source of

Source: https://habr.com/ru/post/100460/

All Articles