..

More Banking Woes: Fake ATM Machines in Vegas

Written by:
Guest
Published on:
Aug/03/2009

Computer security experts of all types--from hackers, crackers, and phreaks to security researchers and law enforcement officials--descended on Las Vegas last week for the annual Black Hat and DefCon security conferences. It is probably no coincidence that an attacker also chose last week to plant phony ATM machines around Las Vegas in an attempt to capture account and PIN information and extract money from compromised accounts.

Perhaps the attacker saw it as a personal challenge to "hack the hackers" and test whether or not these security hobbyists and experts could detect an attempt to pull the wool over their eyes. The ironic part is that there was a presentation scheduled to be delivered at Blackhat by Juniper's Barnaby Jack related to exploiting a flaw in certain ATM machines, but the presentation was canceled at the request of an ATM vendor.

The presentation focused on exploiting vulnerabilities in devices running the Windows CE operating system. Many ATM machines rely on the Windows CE operating system so divulging the hack publicly could have had dire consequences. Juniper's director of corporate social media relations, Brendan Lewis, wrote a post on Juniper's official blog stating "To publicly disclose the research findings before the affected vendor could properly mitigate the exposure would have potentially placed their customers at risk. That is something we don't want to see happen."

That seems very altruistic on the part of Juniper and Barnaby Jack considering that Juniper notified the vendor of the vulnerability more than eight months ago. It wasn't as if it was a zero-day exploit or sudden shock to the vendor. Canceling the presentation prevents the flaw from becoming public knowledge, but the fact that they were able to find it and that affected systems have been vulnerable for more than eight months suggests that it is also possible that others with more questionable moral fiber may have stumbled upon the flaw as well and be actively exploiting it.

 

Sadly, the vulnerability is probably not an isolated or unique incident either. In a recent interview an executive of Trustwave, a security and compliance services vendor that assesses ATM, kiosk, and point-of-sale (POS) terminals for security, was quoted as saying "It is very, very rare that a device comes to our labs--in fact, I don't think that it has happened--that we don't find a vulnerability."

Source:  PC World

Tony Bradley is an information security and unified communications expert with more than a decade of enterprise IT experience. He provides tips, advice and reviews on information security and unified communications technologies on his site at tonybradley.com .

Gambling News

Sports Betting Briefs: Don't Hold Your Breath on Alabama

Sports Betting Briefs: Don't Hold Your Breath on Alabama

A four-package bill has just gotten through Alabama Senate after falling short by two votes.  All it took was a little tweaking. 

Odds on Who Jake Paul Will Fight Next

Odds on Who Jake Paul Will Fight Next

Social media mogul turned pro boxer Jake Paul made quick work of Ben Askren on Saturday night, and now many are speculating who will be up next for a quick payday in the ring.  SportsBetting.ag has set odds for Jake Paul’s next opponent, and there are some intriguing names on the list of a dozen fighters.

Sports Betting Briefs: Jake Paul Fight Big for Books, NFL Gets Cozy With Sports Betting

Sports Betting Briefs: Jake Paul Fight Big for Books, NFL Gets Cozy With Sports Betting

Though it may have seemed silly at the time, the fight between social media influencer Jake Paul and UFC fighter Ben Askren turned into a big win for the books.  Plus a $603K slots jackpot hits and casinos getting back to pre-pandemic numbers.

March Gambling Revenue Soars After 2020 Virus Shutdown

New Jersey’s casino and sports betting revenue more than doubled in March compared from year ago — but that’s because the emerging pandemic shut down casinos for the second half of the month last year.

UEFA Europa League Season Recap So Far

UEFA Europa League Season Recap So Far

Everyone's attention is usually focused on the UEFA Champions League season after season, but let's not forget that there's another tournament that is just as exciting and where teams fight to prove they do belong among Europe's best, and it's UEFA Europa League. 

Syndicate