/>
X
Home & Office
Home Home & Office Networking

ATM makers patch Black Hat cash-dispensing flaw

Two automated teller machine (ATM) manufacturers have shipped patches to block the cash-dispensing attack demonstrated by researcher Barnaby Jack at this year's Black Hat conference.
Written by Ryan Naraine, Contributor on

jackpottingatms.png
Two automated teller machine (ATM) manufacturers have shipped patches to block the cash-dispensing attack demonstrated by researcher Barnaby Jack at this year's Black Hat conference.

Hantle (formerly Tranax) and Triton released separate bulletins to address the issue, which lets a remote hacker overwrite the machine’s internal operating system, take complete control of the ATM and send commands for it to spew cash on demand.

[ SEE: Hacker breaks into ATMs, dispenses cash remotely ]

 At the Black Hat conference, Jack demonstrated two different attacks against Windows CE-based ATMs -- a physical attack using a master key purchased on the Web and a USB stick to overwrite the machine’s firmware; and a remote attack that exploited a flaw in the way ATMs authenticate firmware upgrades.

The patches apply to the following machines:

  • Any Triton ATM machine with X2 platform purchased before November 16, 2009
  • Any Triton ATM machine with X Scale platform
  • Hantle 1700W ATM machines with application version V02.01.12 or earlier
  • Hantle C4000 ATM machines with application version V02.01.12 or earlier
  • Hantle 4000T ATM machines with application version V02.01.12 or earlier

Editorial standards
Show Comments

Related

Person checking out bananas

Hate self-checkout? Get ready for a change you never expected

chat bot

What is ChatGPT and why does it matter? Here's everything you need to know

img-1734

3 security gadgets I never leave home without