Could we ask John Connor to bring his Atari and bypass this?

Automatic Teller Machines (ATM) are devices that provide the customers of a financial institution with the ability to perform financial transactions [1].  They are available everywhere and often use well known operating systems and off-the-shelf hardware. During last Christmas while on vacations and walking through the beautiful city of Lisbon I came across the ATM posted in the picture.Winnt-ATM

An ATM running Windows NT operating system! – By this time the ATMs should be running Windows XP embedded not to say Windows 7 embedded!

Without a doubt the most common ATM attacks involve using card skimmers. An excellent resource to read about card skimmers is the series that Brian Krebs putted together on “all about skimmers”. It’s definitely an opening eye and excellent to raise awareness. Other attacks techniques are card trapping, pin cracking, phishing and malicious software [2]. However when I saw this ATM I automatically remembered Barnaby Jack and his DefCon presentation Jackpotting Automated Teller Machines.  It’s like in Terminator 2, where John Connor uses its Atari to bypass security on an ATM with a ribbon cable connecting the parallel interface to a magnetic stripe card. Fiction apart these kinds of attacks are very real. For example, this one that was seen in Mexico or the Troj/Skimer-A with a in-depth analysis by XyliBox. Another interesting report is this one from Trustwave which shows  a piece of malware that targets ATMs with Windows XP operating system. Diebold ATM Security Communication and Support Center as good information about all kind of attacks like the one seen in Russia where an insider, would install the malicious code on several ATMs running Windows XP embedded. Then with a special activation card that would allowed complete control of the ATM.

Would you withdraw money from an ATM  running Windows NT?

[1-2] Mubarak Al-Mutairi; Lawan Mohammed ; IGI Global ; Cases on ICT Utilization, Practice and Solutions.

Tagged

3 thoughts on “Could we ask John Connor to bring his Atari and bypass this?

  1. Ash says:

    WOW !!!!! Although NT may end up being safer than XP these days as how many attack toolsets still incorporate NT in them. Security by Ignorance 😀

    Like

  2. Alexandre says:

    No. I’ll withdraw money from a Bitcoin ATM no matter what operate system it’s running trough! At that moment, even terminator 2, 3, 4 ….. no matter what, will don’t be able to bypass it. It’s gonna be the future raised in cryptography and i hope I’ll be alive to contemplate all that.

    Like

  3. Mosssssss…. não fazia ideia.
    Realmente como é possível com tanta “guita” que a banca ganha não ter investido ainda no melhoramento dos multi-bancos.
    Estranho não ocorrerem mais “problemas”!!!
    https://countuponsecurity.com/2014/01/24/could-we-ask-john-connor-to-bring-his-atari-and-bypass-this/#comment-form-load-service:Facebook

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: