atm

ATMs are terrifyingly easy to hack

Our experts made a short video showcasing a proof-of-concept attack by a criminal who has physical access to the ATM’s internals.

Kaspersky Team
September 30, 2016

Considering that ATMs have precisely one purpose — to connect bank customers with their accounts — we decided to investigate the effort it takes to commit a successful attack on an ATM. Our experts made a short video showcasing a proof-of-concept attack by a criminal who has physical access to the ATM’s internals.

As you may know, an ATM is really just a basic PC with some custom hardware added. The PC runs an operating system similar to the one installed on your laptop. In fact, in most cases it is Windows (Windows XP, at that).

ATMs are terrifyingly easy to hack #protectmybiz
Tweet

In the video, we see somebody opening the machine using a key, inserting a flash drive containing malware, and then using a keyboard to send a command. The attack ends with the ATM spewing out cash.

This third part can be repeated until the ATM is empty.

An ATM’s service lock isn’t much of an obstacle for a criminal; there are many ways to acquire a duplicate of the keys used by service teams and cash couriers. Not all ATMs are equipped with alarm systems, either. And there are many ways to neutralize security cameras, too.

Ultimately, criminals are not having much trouble infecting ATMs with malware.

In fact, physical access isn’t even necessary; malware can be planted over the Internet (more than a few ATMs are directly exposed to the Web). Once an ATM has been compromised, a shady individual arrives late at night with a backpack, packs up the cash, and swiftly disappears.

Getting a physical access, criminals do not have much trouble infecting ATMs with malware. #protectmybiz
Tweet

How are such attacks even possible? In this particular case, besides the obvious ease of physical access to the ATM’s interiors, there are software-related issues as well. ATM PCs apparently lack any serious antimalware protection. Default Deny technology, which would prevent any undesirable software from running, isn’t there either. As a result, criminals can run any arbitrary code on this machine.

Nothing is preventing the deployment of unauthorized hardware, either, because ATMs have no hardware authentication tools.

Hence, looting an ATM is a trivial task, and banks are losing big.

Online behaviors of 55+ internet users

What are older people doing online, and are they aware of the threats out there?

Privacy & Kids

ATMs are terrifyingly easy to hack

Fake-processing ATM attack

Multiple-ATM Attacks

Online behaviors of 55+ internet users

Tips

Advertisers sharing data about you with… intelligence agencies

Residential proxies: understanding the risks for organizations

Watch the (verified) birdie, or new ways to recognize fakes

Switching to Kaspersky: a step-by-step migration guide

Sign up to receive our headlines in your inbox

Home Solutions

Small Business Products

Medium Business Products

Enterprise Solutions

Securelist

Eugene Personal Blog

Encyclopedia