This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Barnaby Jack of IOActive demonstrated attacks that would allow a criminal to compromise ATMs.
A security researcher today gave notice to companies that make the world's automated teller machines.
On Wednesday at the Black Hat conference, Barnaby Jack of IOActive demonstrated attacks that would allow a criminal to compromise ATMs, allowing hypothetical thieves to steal cash, copy customers' ATM card data, or learn the master passwords of the machines. While one of the attacks required a few seconds to open the ATM and insert a USB drive with code to overwrite the system, the other attack used a remote management feature commonly found on standalone ATMs.
Jack's presentation targeted machines made by Tranax and Triton, but other ATMs likely have similar security issues, he said.
"I found specific vulnerabilities in the ATM machines," Jack said during a press conference following the presentation. "But the attack surface is [similar] across the ATM industry as a whole ... In every ATM system I've looked at, I've been able to find flaws."