ATMs can be hacked. At the Black Hat conference, security researcher Barnaby Jack, director of research at IOActive Labs, highlighted vulnerabilities in both the software and the physical equipment. The expert, who has spent several years hacking ATMs, presented two different methods of attacking a Windows CE ATM: the first, physical, uses a master key purchased on the Internet and a USB device to modify the firmware; the second, software-based and remote, exploits a flaw in the way ATMs authenticate updates to their firmware.
Physical intrusion into an ATM is not an easy task, since these devices usually have alarm systems. Nevertheless, Barnaby Jack's work was intended to demonstrate that some weaknesses remain and a malicious individual may gain.
The motherboard of the PC built into the ATM (the Triton and Tranax models are not the only ones concerned) is protected by a key. But this key is not unique, and it is possible to acquire one from one of the many sites selling them on the Internet. With a USB cradle, the researcher could then change the firmware.
With a laptop connected to an ATM, he could use the remote monitoring feature (enabled by default on the equipment), which has a flaw in its authentication system, and install a rootkit.
This access lets the attacker read sensitive configuration data, such as master passwords, and also capture data on the ATM (during a withdrawal by a user, for example).
The expert has developed a graphical tool called Dillinger that lets him extract data or activate a “Jackpot” mode. This second action, spectacular (and designed for a live demonstration), orders a withdrawal of money from the ATM.
Following his presentation, the security researcher suggested that manufacturers improve physical protection and/or use a unique key per ATM. Jack also recommends disabling the default remote access and signing the core executables to block attacks such as those he demonstrated.