Remote ATM Vulnerability – JACKPOT!

There have been a number of ATM breaches, such as in 2008 when several Citibank-branded ATMs located in 7-Eleven convenience stores were compromised to extract account numbers and PINs.

Barnaby Jack, Director of Security Testing at IOActive, was able to demonstrate remotely gaining control of not one, but two ATM machines that he purchased – causing both of them to empty their cash contents onto the stage at the Blackhat Security Conference. With all of the cash extracted from Jack's ATMs, one might think that remote control over the ATM is no longer valuable. But, this is so not the case.

Read the full article