ATM Hacked Using Samsung Galaxy S4 & USB Port

Keep on Guard!


A pretty interesting black box daughter board attack on ATM via USB, the crowd cry ATM Hacked! Yah it was, and it was triggered using a mobile phone to actually activate the attack, showing it’s fairly complex and also abstracting the actual attacker from being physically there.

ATM Hacked Using Samsung Galaxy S4 & USB Port

The guy carrying the black box can’t actually perform the attack without whoever has the phone trigger letting it lose.

Carders have jackpotted an ATM by inserting a circuit board into the USB ports of an ATM, tricking it into spitting out cash.

The technique was thought to have emulated the cash dispenser of the ATM so the brains of the machine thought everything was normal, buying additional time for the brazen crooks to make off with the cash.

A Samsung Galaxy S4 was then used by a remote attacker to issue commands to the dispenser, cybercrime scribe Brian Krebs reported.

NCR global security manager Charlie Harrow said the circuit board gives crime lords control, but the folks who install it are not necessarily the real perps.

“… you have the Mr. Big back at the hideout who’s sending the commands, and the mules are the ones at the ATMs,” Harrow said.

“So the mule who has the black box is unable to activate the attack unless he gets the command from the Mr. Big, and the mobile phone is the best way to do that.”


It really reads like something from the movies, some lacky with a black box and a mysterious Dr. Evil somewhere on a desert island triggering the attack from his mobile phone causing the ATM to endlessly spit out $100 bills.

I doubt it was so obvious, but it would be fun wouldn’t it? The black box basically fooled the ATM into thinking the cash dispenser was still attached, pretty clever stuff.

The amount of cash stolen was not revealed.

The mobile phone component also made it difficult for investigators to piece together how the attackers pushed commands through to the cash dispenser.

Investigators were unsure what commands were sent to the dispenser only that they were funneled through the phone.

The type of attacks were increasing, NCR said. Most logical USB port attacks involved malware and only one other had used the type of black box equipment used here.

ATM owners have been urged to avoid stand alone machines where possible, as they are more easily attacked. NCR has updated its encryption scheme so that a key is exchanged between the brains and dispenser after a specific authentication sequence, and hardened firmware preventing thieves from downgrading.

I’m assuming this happened in the US as NCR is quoted (formerly National Cash Register) a US-based computer hardware/software company that provides ATMs and the like.

More details in Krebs article here: Thieves Jackpot ATMs With ‘Black Box’ Attack

Interesting stuff, will have to see if they manage to pop any more ATMs with this technique (if it gets reported that is).

Source: The Register

Posted in: Exploits/Vulnerabilities, Hardware Hacking

,


Latest Posts:


Uber Paid Hacker To Hide 57 Million User Data Breach Uber Paid Hackers To Hide 57 Million User Data Breach
Uber is not known for it's high level of ethics, but it turns out Uber paid hackers to not go public with the fact they'd breached 57 Million accounts.
RDPY - RDP Security Tool For Hacking Remote Desktop Protocol RDPY – RDP Security Tool For Hacking Remote Desktop Protocol
RDPY is an RDP Security Tool in Twisted Python with RDP Man in the Middle proxy support which can record sessions and Honeypot functionality.
Terabytes Of US Military Social Media Spying S3 Data Exposed Terabytes Of US Military Social Media Spying S3 Data Exposed
Once again the old, default Amazon AWS S3 settings are catching people out, the US Military has left terabytes of social media spying S3 data exposed.
SNIFFlab - Create Your Own MITM Test Environment SNIFFlab – Create Your Own MITM Test Environment
SNIFFlab is a set of scripts in Python that enable you to create your own MITM test environment for packet sniffing through a WiFi access point.
Skype Log Viewer Download - View Logs on Windows Skype Log Viewer Download – View Logs on Windows
Skype Log Viewer allows you to download and view the Skype history and log files, on Windows, without actually downloading the Skype client itself.
Ethereum Parity Bug Destroys Over $250 Million In Tokens Ethereum Parity Bug Destroys Over $250 Million In Tokens
If you are into cryptocurrency or blockchain at all, you will have heard about the Ethereum Parity Bug that has basically binned $280 Million + ETH.


Comments are closed.