ATM hack promises teller machine jackpot

June 26, 2010
A woman uses an Automated Teller Machine (ATM) in Los Angeles in 2008. Computer security researchers are heading to Las Vegas with a software hack that gets bank teller machines to spew out cash jackpots.

Computer security researchers are heading to Las Vegas with a software hack that gets bank teller machines to spew out cash jackpots.

Barnaby Jack of IOActive is slated to give a "Jackpotting Automated Teller Machines" presentation at the Black Hat USA conference in Sin City in late July.

"I've always liked the scene in 'Terminator 2' where John Connor walks up to an ATM, interfaces his Atari to the and retrieves cash from the machine," Jack said at the Black Hat website. "I think I've got that kid beat."

The researcher promised to bring two new model ATM machines from a pair of major vendors to demonstrate local and remote software attacks that result in large payouts.

Jack said he was originally going to reveal his findings at Black Hat in Las Vegas last year but that talk was "pulled at the last minute due to circumstances beyond my control."

"The upside to this is that there has been an additional year to research ATM attacks, and I'm armed with a whole new bag of tricks," he added.

IOActive told AFP on Friday that the manufacturers of vulnerable ATM machines have been alerted to the problem and that Jack's presentation will include ways to protect machines against attacks.

Explore further: New computer network security threat identified

Related Stories

Microsoft probing new hole in IE security

February 3, 2010

Fresh from patching an Internet Explorer (IE) flaw exploited in cyberattacks on Google and other firms, Microsoft is looking into a newly exposed vulnerability in the browser software.

Recommended for you

Microsoft describes hard-to-mimic authentication gesture

August 1, 2015

Photos. Messages. Bank account codes. And so much more—sit on a person's mobile device, and the question is, how to secure them without having to depend on lengthy password codes of letters and numbers. Vendors promoting ...

Power grid forecasting tool reduces costly errors

July 30, 2015

Accurately forecasting future electricity needs is tricky, with sudden weather changes and other variables impacting projections minute by minute. Errors can have grave repercussions, from blackouts to high market costs. ...

Netherlands bank customers can get vocal on payments

August 1, 2015

Are some people fed up with remembering and using passwords and PINs to make it though the day? Those who have had enough would prefer to do without them. For mobile tasks that involve banking, though, it is obvious that ...

5 comments

Adjust slider to filter visible comments by rank

Display comments: newest first

frajo
not rated yet Jun 26, 2010
I'd really like to know whether there were any ATM hacks back in those times when they still were running on OS/2.
dtxx
2.3 / 5 (3) Jun 26, 2010
The OS doesn't matter, I can guarantee you the software implementation is insecure.
hudres
not rated yet Jun 27, 2010
If he openly presents the fixes, that opens the door to new hacks. Does the word "security" mean anything to this guy?
plasticpower
5 / 5 (2) Jun 27, 2010
He's presenting at Black Hat. That should tell you all you need to know.
frajo
not rated yet Jun 27, 2010
The OS doesn't matter, I can guarantee you the software implementation is insecure.
You know the OS/2 sw implementation and you know of hacks into OS/2 run ATMs?
Any link to just one report of such a hack?
Or are you just inferring from what you know of windows?

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.