"Exiting kiosk mode was possible in every case with the help of hotkeys," the report said, and those hotkeys were usually standard Windows combinations such as Alt+F4 to close an active window, or Alt+Tab to switch among open applications.

Exiting kiosk mode won't cough up the cash, but using a keyboard makes it a whole lot more convenient to run malicious commands on the ATM. But if you plug in a keyboard, or a Raspberry Pi set up to act like a keyboard, you can use the ATM like a regular computer. When you use an ATM, it's in "kiosk mode" and you can't switch to another application.

"A criminal could connect a keyboard or other device imitating user input." "Most tested ATMs allowed freely connecting USB and PS/2 devices," the report said. Once you open up the cabinet and get access to the computer's input ports, there isn't much between you and a cash jackpot.

But the report noted that a crook would need only 15 minutes to access the ATM network connection to the processing center - something that might not be as conspicuous at three in the morning. Granted, it's not always easy to hang around an ATM and have enough time to pull off an attack. Known security flaws in the ATM's network hardware or software could also be exploited, as not all the ATMs had patched known flaws.

Some ATM models put the Ethernet port on the outside of the cabinet, making it possible to disconnect the cable and plug in a laptop that spoofed a processing server and told the ATM to spit out cash. In both cases, it would be possible to send bogus processor-server responses to the machines, resulting in a cash jackpot. Default administrative credentials - username and password were both "root" - gave full Telnet access to one machine, and it was possible to brute-force weak administrative credentials on the same model's remote web interface.
On a few machines, the cellular connections to the processing servers could be attacked by using encryption keys found in the modem firmware.

Some had known security flaws in the network hardware or software that could also be exploited, as not all the ATMs had patched the known flaws. Other models secured the traffic using faulty VPNs whose encryption could be cracked. You'd need only to tap into the network traffic, either wired or wirelessly, to grab the card data. Fifteen out of 26 ATMs failed to encrypt communications with processing servers, although some did so over Ethernet rather than wirelessly. "Tested ATMs frequently featured poor firewall protection and insufficient protection for data transmitted between the ATM and processing center," the report noted.

Because of this, not all of the attacks required physical access to the machines. Some of the connections are dedicated direct links, while others go out over the internet. But Positive Technologies found that the computer, its network connections or the interface connecting the computer to the safe could almost always give you cash or a customer's ATM-card information.

Before it can give a user cash, the ATM computer must talk to a server at a far-off transaction processing center, using either a wired Ethernet connection or a cellular modem. The safe contains the cash, and the cash dispenser is directly attached to the safe, which you'd need heavy equipment or explosives to crack open. Open up the cabinet with a drill, a lock pick or a key - one key will often open all units of a given model - and you get physical access to the computer. The computer often runs Windows and has regular keyboard, mouse and network inputs. An ATM consists of a computer and a safe enclosed in a cabinet.