ARN

Hacker develops multi-platform rootkit for ATMs

One year after being blocked, researcher Barnaby Jack will finally give a controversial Black Hat talk

One year after his Black Hat talk on Automated Teller Machine security vulnerabilities was yanked by his employer, security researcher Barnaby Jack plans to deliver the talk and disclose a new ATM rootkit at the computer security conference.

He plans to give the talk, entitled "Jackpotting Automated Teller Machines," at the Black Hat Las Vegas conference, held July 28 and 29.

Jack will demonstrate several ways of attacking ATM machines, including remote, network-based attacks. He will also reveal a "multi-platform ATM rootkit," and will discuss things that the ATM industry can do to protect itself from such attacks, he writes in his description of the talk, posted this week to the Black Hat Web site.

Jack was set to discuss ATM security problems at last year's conference, but his employer, Juniper Networks, made him pull the presentation after getting complaints from an ATM maker that was worried that the information he had discovered could be misused.

The security researcher found a straightforward way of getting around Juniper's objections, however. Last month, he took a new job as director of security research with IOActive.

ATM machines do get compromised, but in a roundabout way. Thieves often hit them by installing card skimmers on them to extract magnetic stripe data from the cards. Then, using a hidden video camera, they steal login numbers. Using all of this information, the crooks can build their own duplicate cards and empty bank accounts.

But Jack's talk looks at a new area: bugs in the software used to run the machines.

He's taken advantage of the extra year provided by Juniper's ban to do more research. "Last year, there was one ATM; this year, I'm doubling down and bringing two new model ATMs from two major vendors," Jack says in his talk description. The security researcher couldn't immediately be reached for comment.

Jack doesn't say which ATMs he plans to discuss, but it could be any major vendor, according to Black Hat Director Jeff Moss. "He's got a living room full of a lot of different brands of ATMs, and they all seem to suffer from one or the other problem," he said.

ATMs haven't received a lot of serious scrutiny by security researchers, so Jack's talk will break new ground, Moss said. "Apparently you can make all the money come out," he said.

Nominations for the 2012 ARN IT Industry Awards open on Tuesday, June 12.

More about: etwork, Juniper, Juniper Networks
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the ARN comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: ATM, black hat, hacker, rootkits
ARN Directory | Distributors relevant to this article
Aquion , Avnet Technology Solutions , inTechnology Distribution Pty Ltd , Westcon Group
rhs_login_lockGet exclusive access to ARN's news, research and invitation only events.
ARN Distributor Directory
Find distributors by name | vendor | location
Channel Deals
/deals/transition-systems-australia/2010-12-09_354_polycom
Transition Systems Australia

Polycom

More details »
ARN Vendor Directory
Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.