Tuesday, April 26, 2011
Hacking an ATM, demonstrated live at center stage.
Today Barnaby Jack presented on hacking ATMs at the Black Hat USA 2010 conference. The attacks had in fact been devised a year earlier, and Jack was first going to present them at Black Hat USA 2009, but at that time the company asked him to postpone so the ATMs could be taken care of first. Otherwise people would have been hacking ATMs all over the place, because the vulnerability is very serious: the machines can be attacked remotely.
ATM basics.
- Running Windows CE.
- Use the ARM architecture.
- Supports TCP/IP and dial-up by default; some have wireless (CDMA) as an option.
The attacks are divided into two types.
- Physical attack (must go to the unit).
- Remote attack (remote access via TCP/IP or dial-up).
Physical attack.
Every ATM has a USB connector for upgrading the firmware. The idea is that when staff want to upgrade the firmware it should be easy: just plug in a USB drive with the firmware on it and the upgrade happens right away, with no need for staff with in-depth knowledge. The USB jack does have a cover that needs a master key to open, but that master key is also available for purchase online. So Jack wrote firmware that does what he wants and put it on a USB drive, bought a master key, opened the ATM and plugged it in. Wait for the USB firmware to install, and the money flows out by itself. Watching the demonstration, I got the feeling he had written it just so the money would pour out of the cabinet $_$.
Remote attack.
Because the ATM runs Windows CE, with a feature for remote monitoring/configuration and remote firmware upgrade, the problem lies right there. There is an authentication process before you can do anything, but ... Jack found a vulnerability that bypasses this authentication, so a rootkit can be installed remotely. Using Dillinger, he can then control various features, such as sending to Scrooge on a machine or sending data back to Scrooge, etc.
How to prevent
- Replace the standard built-in lock, the one whose master key can be purchased.
- Allow only executable files with a correct signature to be installed.
- Implement a trusted environment, so that connections cannot come from just anywhere.
- Then do a security audit.
P.S. For the video, see the reference below.
Ref:
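The signature check from the list above, sketched as an added example that is not from the talk or from any ATM vendor's code: an updater that accepts a firmware image from USB or from the remote channel only if its RSA PKCS#1 v1.5 / SHA-256 signature verifies. The function names, the demo key and the sample images are assumptions constructed for illustration.

```python
import hashlib

# ASN.1 DigestInfo header for SHA-256 (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def _encode(image: bytes, k: int) -> bytes:
    """EMSA-PKCS1-v1_5 block for SHA-256(image), sized for a k-byte modulus."""
    t = SHA256_PREFIX + hashlib.sha256(image).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def verify_firmware(image: bytes, signature: bytes, n: int, e: int) -> bool:
    """Return True only if signature is valid for image under public key (n, e)."""
    k = (n.bit_length() + 7) // 8
    if len(signature) != k:
        return False
    s = int.from_bytes(signature, "big")
    if s >= n:
        return False
    # Rebuild the expected block and compare it whole, instead of parsing
    # the recovered padding, so malformed padding can never be accepted.
    return pow(s, e, n).to_bytes(k, "big") == _encode(image, k)

# --- Constructed demo key and signer (hypothetical, NOT secure) ---
# Two well-known Mersenne primes keep the example self-contained; a real
# vendor key is generated randomly and the private half never ships.
_P, _Q = 2**521 - 1, 2**607 - 1
N, E = _P * _Q, 65537
_D = pow(E, -1, (_P - 1) * (_Q - 1))

def sign_for_demo(image: bytes) -> bytes:
    """Vendor-side signing, included only to produce sample input."""
    k = (N.bit_length() + 7) // 8
    m = int.from_bytes(_encode(image, k), "big")
    return pow(m, _D, N).to_bytes(k, "big")

def install_decision(image: bytes, signature: bytes) -> str:
    """What the updater does with an image found on USB or sent remotely."""
    return "install" if verify_firmware(image, signature, N, E) else "reject"

if __name__ == "__main__":
    good = b"constructed vendor firmware image"
    sig = sign_for_demo(good)
    print(install_decision(good, sig))
    print(install_decision(b"modified image", sig))
```

In a real device only the public half (n, e) is stored, ideally in read-only storage, and the check runs before anything from the image is executed.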
http://citecclub.org/forum/hacking-s...-2010-a-37880/