• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

SwaCash | Internet Marketing News

Latest Updates on Tech, Internet & Digital World

  • Home
  • Digital Marketing
  • Social Media
  • Technology
  • About
  • Contact Us
You are here: Home / News / Hacker claims he can hack ATMs with his smartphone

Hacker claims he can hack ATMs with his smartphone

June 26, 2021 by Amer Bekic

A “white hat” hacker from the firm IOActive tells how he discovered a gaping security flaw in cash machines equipped with an NFC reader. According to him, the vendor manufacturers have neglected the security of this component to where it is possible to conduct buffer overflow attacks. 

Credit: Unsplash

ATM security captivates the imagination in more ways than one. We have here unique, secure equipment since they must be able to provide both physical protection of currencies and protection against computer attacks while being installed in public places .

In recent years, various researchers have shown that the security of these distributors is far from infallible . However, until now, the attacks have relied on access to a USB port hidden under the casing, or even to internal components. So I can’t imagine a malicious person carrying out such attacks in nature in the middle of the day.

Researchers Finds Disturbing Way To Attack ATMs

Especially when you consider these devices are under video surveillance. Other attacks, including network attacks, are possible. But they require precise knowledge of the characteristics of the target distributor, while exposing the perpetrator of the attack to being detected, given the security devices installed by the banks.

Josep Rodriguez a consultant for the security firm IOActive is called a “white hat” or ethical hacker. He has long been interested in the security of these distributors, but also in NFC technology. However, you have undoubtedly noticed it: some distributors now ship an NFC reader.

All banks did not n’t use this one, but as Josep Rodriguez explains, it’s a gaping front door into the machine because of a security flaw known for years. He explains in fact having succeeded, via a simple smartphone, in triggering a so-called “buffer memory overrun” attack via the NFC reader of a distributor .

This type of attack works because the distributor’s operating system does not limit the amount of data that can enter through NFC. When the amount of data exceeds the allocated space in RAM, data continues to be written to adjacent memory addresses for use by other parts of the system. With a little reverse engineering, it can then do just about anything it wants on the target machine .

Fixing The NFC Security Flaw On All ATMs In Circulation Will Take Time

For example, he was able to tell the machine to write all the bank card numbers that pass through his reader, change the amount of transactions on the fly, and even in at least one case force the distributor to distribute all of its content (also attack known as “Jackpotting”). Wired explains:

“Rodriguez has built an Android application that allows his smartphone to mimic radio communications from bank cards and exploit loopholes in the system’s NFC firmware. By waving his smartphone, he can exploit a variety of bugs to crash ATMs, hack them to collect and transmit credit card data, invisibly change the value of transactions, and even lock down devices while displaying a ransomware message”.

The security researcher warned manufacturers of the issue between 7 months and a year ago, including ID Tech, Ingenico, Verifone, Crane Payment Innovations, BBPOS, Nexgo, and an unidentified vendor because of a security breach. Even more serious. To force them to act quickly he has already announced that he will release technical details in the coming weeks.

It remains to be seen whether it is technically possible for the manufacturers concerned to really close the security breach on all devices in circulation. Josep Rodriguez himself admits it: “patching several hundred thousand ATMs physically is something that will take a lot of time”.

The demonstration of the attack did not take place in the United States, where the security of banking systems can sometimes be weaker, but in Madrid, in Europe. The researcher concludes: “These vulnerabilities have been present in firmware for years, and we have used these devices daily to manage our credit cards, our money. It has to be more secure”. 

Filed Under: News

Primary Sidebar

E-mail Newsletter

More Articles

Apple’s valuation exceeds $2.5 trillion mark

July 19, 2021 By Amer Bekic

Ethereum (ETH), a white hat saves a cryptocurrency user on the verge of losing $240,000

July 19, 2021 By Amer Bekic

Project Pegasus: Israeli “clickless” spyware used against thousands of journalists and activists

July 19, 2021 By Amer Bekic

Some weird Intel Core 12900K, 12700K, and 12600K specs have appeared online

July 18, 2021 By Amer Bekic

In 2021, the video game industry still generates more investments

July 18, 2021 By Amer Bekic

Malaysian authorities destroy 1,069 mining devices (video)

July 18, 2021 By Amer Bekic

Disable the Windows print spooler or you could be hacked, according to Microsoft

July 18, 2021 By Amer Bekic

Paraguay promises to be a 100% renewable Bitcoin (BTC) mining giant

July 17, 2021 By Amer Bekic

Faced with ransomware, Interpol wants international collaboration

July 17, 2021 By Amer Bekic

AMD brings its FidelityFX Super Resolution to open source

July 17, 2021 By Amer Bekic

Failed to reserve the Valve Steam Deck? You are not the only ones

July 17, 2021 By Amer Bekic

Twitter boss prepares DeFi application platform on Bitcoin blockchain

July 16, 2021 By Amer Bekic

Here’s why the Galaxy Watch 4 could make the Apple Watch shake

July 16, 2021 By Amer Bekic

“Facebook users spied on social by dozens of employees”: the accusation in the book-survey

July 16, 2021 By Amer Bekic

Valve’s Steam Deck will be able to run Windows

July 16, 2021 By Amer Bekic

Only 12% of companies realize the full potential of the cloud

July 16, 2021 By Amer Bekic

Limited Edition RTX 3080 Gundam Cards Sold In Pre-Built Mining Rigs

July 16, 2021 By Amer Bekic

Windows on iPad: You dreamed it, Microsoft did it

July 15, 2021 By Amer Bekic

iPhone 13: anticipating record sales, Apple would have increased production by 20%

July 15, 2021 By Amer Bekic

Google Stadia is not dead and seeks to expand its catalog of games with an enticing affiliate program

July 15, 2021 By Amer Bekic

Galaxy Watch 4: released on August 27, 2021, Amazon confirms!

July 15, 2021 By Amer Bekic

Apple seriously threatens to exit UK market

July 15, 2021 By Amer Bekic

Razer upgrades Blade 15 and Blade 17 to 11th gen Intel processors

July 14, 2021 By Amer Bekic

British detectives seize record $250 million in crypto

July 14, 2021 By Amer Bekic

OnePlus Nord 2: new renderings, Android updates, 50 MP sensor, lots of info

July 14, 2021 By Amer Bekic

Nigerian Bitcoin Trading Volume At Highest Despite Central Bank Restrictions!

July 14, 2021 By Amer Bekic

Google to challenge EU antitrust fine of 4.3 billion euros

July 14, 2021 By Amer Bekic

This hidden feature on iPhone is a spy tool

July 13, 2021 By Amer Bekic

NVIDIA: GeForce RTX 30xx SUPER coming to laptop?

July 13, 2021 By Amer Bekic

Microsoft buys cybersecurity start-up RiskIQ

July 13, 2021 By Amer Bekic

Android 12: you can play games before you even finish downloading

July 13, 2021 By Amer Bekic

Cyber ​​defense center opens in New York

July 13, 2021 By Amer Bekic

After Google, Apple could be the next target of US antitrust crackdown

July 12, 2021 By Amer Bekic

At 16, this teenager became a millionaire by selling PS5s at a premium

July 12, 2021 By Amer Bekic

A derivative of the PS5 architecture will be found in more than 80 system designs

July 12, 2021 By Amer Bekic

Galaxy Unpacked: all the new Samsung products may have just leaked

July 12, 2021 By Amer Bekic

124-year-old hydropower plant uses its energy to mine Bitcoin

July 11, 2021 By Amer Bekic

Ukrainian law enforcement has shut down 3,800 PS4 crypto-farm

July 11, 2021 By Amer Bekic

Mac’s battery life with M1 is so good Apple thought there was a bug

July 11, 2021 By Amer Bekic

Kaseya: the ransomware behind the attack was programmed to avoid Russian-speaking systems

July 10, 2021 By Amer Bekic

AI could also be used to create scientific disinformation

July 10, 2021 By Amer Bekic

Windows 11: the search bar back in the last preview

July 10, 2021 By Amer Bekic

Gettr: this new social network was launched by someone close to Donald Trump

July 10, 2021 By Amer Bekic

Windows 11: only recent versions of Windows 10 will be updated directly

July 9, 2021 By Amer Bekic

Study blacks out YouTube algorithm

July 9, 2021 By Amer Bekic

China continues crackdown on cryptocurrencies

July 9, 2021 By Amer Bekic

OnePlus recognizes limiting the performance of applications for greater autonomy

July 9, 2021 By Amer Bekic

Study: Apple Watch and Fitbit Could Detect Long-Term Effects of COVID-19

July 8, 2021 By Amer Bekic

Microsoft is deploying an urgent patch to correct the PrintNightmare flaw

July 8, 2021 By Amer Bekic

China claims to have the world’s most powerful quantum computer

July 8, 2021 By Amer Bekic

Three Tweets related to EtherRock sales

Not one not two, Three digital pet rock cliparts sell for $600K each

August 22, 2021 By Amer Bekic

PolyNetwork Hacking Incedence

Hacker who stole $800 Million, now offered a white hat job by its victim firm

August 20, 2021 By Amer Bekic

credit card back panel containing the magnetic stripe

MasterCard announces future without magnetic stripe on the back.

August 17, 2021 By Amer Bekic

Fortune magazine sells its cover art as NFT. Raises 1.3 Million dollars

August 14, 2021 By Amer Bekic

Bored Ape Yacht Club Token 3749

This bored ape pic just sold for 1.29 Million dollars!

August 14, 2021 By Amer Bekic

Footer

Search this site

Recent Articles

  • Not one not two, Three digital pet rock cliparts sell for $600K each
  • Hacker who stole $800 Million, now offered a white hat job by its victim firm
  • MasterCard announces future without magnetic stripe on the back.
  • Fortune magazine sells its cover art as NFT. Raises 1.3 Million dollars
  • This bored ape pic just sold for 1.29 Million dollars!

Browse Topics

  • Blogging (164)
  • Content Marketing (7)
  • Cryptocurrency (5)
  • Digital Marketin (4)
  • Digital Marketing (333)
  • E-commerce (122)
  • Google (195)
  • Google Ads (24)
  • Marketing (166)
  • News (344)
  • Seo (74)
  • Social Media (43)
  • Technology (27)
  • Uncategorized (82)
  • WordPress (22)

Tags

Amazon Android Apple Apple Watch Artificial Intelligence B2B Bitcoin Blogging China Content Content Marketing Coronavirus Cryptocurrency Cybercriminals cybersecurity Digital Digital Marketing Facebook Gaming Google Increase Sales Instagram Intel internet strategy iOS 15 iPhone iPhone 12 IPhone 13 Make Money Marketing Microsoft Nvidia Online Marketing Samsung Science Search engine optimization Seo SEO optimization by content Social Media Social networks Technology TikTok Twitter Windows 11 YouTube

© 2019–2022 · SwaCash.com