Hacking an ATM Is Shockingly Easy By Paul Wagenseil 2018-11-14T19:52:02Z Finance Almost all ATMs fall victim to common hacking attacks, a security firm found.
We have you about a number of. Now you can see it with your own eyes! Our experts shot four videos of ATM hack demos. Disclaimer: No bank was harmed in the process, and we do not recommend you try any of these methods. Method 1: Fake processing centerThis method requires an attacker to access a cable connecting the machine to the network. The hacker disconnects the ATM from the bank’s network and then connects it to an appliance that acts as a fake processing center.The box is used to control the cash trays and send commands to the ATM, requesting money from the chosen tray.
![Hack Hack](/uploads/1/2/5/6/125653724/268086589.png)
It’s as simple as that: The attacker can now use any card or input any PIN code, and the rogue transactions will look legitimate.Method 2: A remote attack on several ATMsThis method involves an insider working in the target bank. The criminal purchases a key from the insider that opens the ATM chassis. The key does not give an attacker access to the cash trays, but it exposes the network cable. The hacker disconnects the ATM from the bank’s network and plugs in a special appliance that sends all of the data to their own server.Networks connecting ATMs are often not segmented (separated for security), and ATMs themselves can be configured incorrectly.
In that case, with such a device a hacker could compromise several ATMs at once, even if the malicious device is connected to only one of them.The rest of the attack is carried out just as described in Method 1: A fake processing center is installed on the server, and the attacker gains full control over the ATMs. Using any card, a criminal can withdraw all of the cash from an ATM, regardless of the model. The only thing the ATMs need to have in common for this method to work is the protocol they use to connect to the processing center.Method 3: The black box attackAs previously described, the attacker obtains the key to the ATM chassis and accesses it, but this time puts the machine into maintenance mode. Then the hacker plugs a so-called black box into the exposed USB port. A black box in this case is a device that allows an attacker to control the ATM’s cash trays.While the attacker tampers with the ATM, its screen displays a service message like “Maintenance in progress” or “Out of service,” although in reality the ATM can still draw cash. Moreover, the black box can be controlled wirelessly via a smartphone.