https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm
On 05.09.2023 at 15:19:14, Chris Elvidge wrote:
https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm
And that is called security?
For me it looks like the bank's security isn't real security if that can be disabled with a product that can be bought by everyone.
Chances are the bank was depending on the line being secure rather
than using good encryption to provide secure communications over an
insecure line.
https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm
Ahem A Rivet's Shot <steveo@eircom.net> writes:
Chances are the bank was depending on the line being secure rather
than using good encryption to provide secure communications over an
insecure line.
Banks have been aware of the need to encrypt communications for many
decades.
In this case:
| According to court records, the three used a device called a
| “raspberry pi” that is plugged into ATMs and deactivates its security
| systems so they could remove the cash drawer.
My guess is they compromised some kind of software-controlled electronic lock.
| According to court records, the three used a device called a
| “raspberry pi” that is plugged into ATMs and deactivates its security
| systems so they could remove the cash drawer.
Richard Kettlewell wrote:
| According to court records, the three used a device called a
| “raspberry pi” that is plugged into ATMs and deactivates its security
| systems so they could remove the cash drawer.
Why is it possible to plug something in without having to crack a door
open or similar?
Why isn't the software access directly at the hardware secured by a
password?
On 05.09.2023 at 20:52:58, Richard Kettlewell wrote:
| According to court records, the three used a device called a
| “raspberry pi” that is plugged into ATMs and deactivates its security
| systems so they could remove the cash drawer.
Why is it possible to plug something in without having to crack a door
open or similar?
Why isn't the software access directly at the hardware secured by a
password?
On Wed, 6 Sep 2023 12:50:20 +0200, Marco Moock wrote:
On 05.09.2023 at 20:52:58, Richard Kettlewell wrote:
| According to court records, the three used a device called a
| “raspberry pi” that is plugged into ATMs and deactivates its security
| systems so they could remove the cash drawer.
Why is it possible to plug something in without having to crack a door
open or similar?
Because the ATM is designed to be installed in a secured room? The only
thing anybody needs to enter it for is to stuff more cash into its cash drawer (or in India, where ATMs typically can accept as well as pay out cash), to remove incoming cash from its deposit drawer.
Why isn't the software access directly at the hardware secured by a
password?
No need. You typically need a physical key to access the contents of the
ATM's cash drawer(s). Each ATM is run by its own copy of a fairly dumb
finite state machine (FSM), which knows just enough to run its display, handle the smartcard reader and interpret the punter's key presses. The
ATM's controlling FSM is in turn overseen by an ATM network management process running on a bigger box back at head office.
Why is it possible to plug something in without having to crack a door
open or similar?
Why isn't the software access directly at the hardware secured by a
password?
Another possibility would be authentication based on some physical
token (e.g. a smartcard) with the Pi emulating it and attacking the
control software via that channel.
https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm
Also, what makes you think they "plugged something in" to begin with ?
Also, what makes you think they "plugged something in" to begin with ?
That's what the reporting says. Whether it's accurate or not I can't
say, but that's what we've got to work with.
On 05/09/2023 15:19, Chris Elvidge wrote:
OK, all done.
https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm
Remember SMS spotting has a per spot cost to SOTA and so it should be
used only when your mobile internet connection is not available at the summit.
73
How did that get there and not in an email. :-(
Andy
https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm
Each ATM is run by its own copy of a fairly dumb finite
state machine (FSM), which knows just enough to run its display, handle
the smartcard reader and interpret the punter's key presses. The ATM's
controlling FSM is in turn overseen by an ATM network management process
running on a bigger box back at head office.
Each ATM is run by its own copy of a fairly dumb finite
state machine (FSM), which knows just enough to run its display, handle
the smartcard reader and interpret the punter's key presses. The ATM's controlling FSM is in turn overseen by an ATM network management process running on a bigger box back at head office.
Really? I had a drive thru ATM reboot on me once. The boot screen said
it was running Windows.
In this case the Pi /could/ have been connected to a dummy bank card (with a thin flat cable) and used to emulate a special kind of smart-card. Who
knows ...
On Wed, 6 Sep 2023 12:13:50 -0000 (UTC), in
<ud9qdu$2dslj$1@dont-email.me>, Martin Gregorie
<martin@mydomain.invalid> wrote:
[ snip ]
Each ATM is run by its own copy of a fairly dumb finite state machine
(FSM), which knows just enough to run its display, handle the smartcard
reader and interpret the punter's key presses. The ATM's controlling FSM
is in turn overseen by an ATM network management process running on a
bigger box back at head office.
Really? I had a drive thru ATM reboot on me once. The boot screen said
it was running Windows.
On 06/09/2023 13:13, Martin Gregorie wrote:
Each ATM is run by its own copy of a fairly dumb finite state machine
(FSM), which knows just enough to run its display, handle the smartcard
reader and interpret the punter's key presses. The ATM's controlling
FSM is in turn overseen by an ATM network management process running on
a bigger box back at head office.
That's how they were originally, but these days some run Windows (often
out of support versions) and serve advertising while you try to get your
cash out. They offer a huge range of world class vulnerabilities
that only Microsoft can provide.
Don't wander around at night carrying a Raspberry Pi or you might be arrested for "going equipped"!
When I was working with Richard K we had some pen testers give a talk on
how they discovered how to program a smart card to compromise a mobile payment terminal. They demonstrated this by making the payment terminal
play space invaders when the card was inserted.
On 05/09/2023 15:19, Chris Elvidge wrote:
https://www.tomshardware.com/news/raspberry-pi-used-to-rob-atm
<pedant>
Robbery is stealing something from someone by using force or threatening
to use force.
So it should be "raspberry-pi-used-to-steal-from-atm"
</pedant>
On 06/09/2023 13:13, Martin Gregorie wrote:
Each ATM is run by its own copy of a fairly dumb finite state machine
(FSM), which knows just enough to run its display, handle the
smartcard reader and interpret the punter's key presses. The ATM's
controlling FSM is in turn overseen by an ATM network management
process running on a bigger box back at head office.
That's how they were originally, but these days some run Windows
(often out of support versions) and serve advertising while you try to
get your cash out. They offer a huge range of world class
vulnerabilities that only Microsoft can provide.
On Wed, 6 Sep 2023 21:40:10 +0100, druck wrote:
On 06/09/2023 13:13, Martin Gregorie wrote:
Each ATM is run by its own copy of a fairly dumb finite state machine
(FSM), which knows just enough to run its display, handle the smartcard
reader and interpret the punter's key presses. The ATM's controlling
FSM is in turn overseen by an ATM network management process running on
a bigger box back at head office.
That's how they were originally, but these days some run Windows (often
out of support versions) and serve advertising while you try to get your cash out. They offer a huge range of world class vulnerabilities
that only Microsoft can provide.
Sure. I haven't touched any of that stuff since 2000, and as I said, even then I was more concerned with the software managing the ATM network and interfacing it to the financial system it was front ending. That's where virtually all the client-specific custom code was situated.
Martin Gregorie <martin@mydomain.invalid> wrote:
On Wed, 6 Sep 2023 21:40:10 +0100, druck wrote:
On 06/09/2023 13:13, Martin Gregorie wrote:
Each ATM is run by its own copy of a fairly dumb finite state
machine (FSM), which knows just enough to run its display, handle
the smartcard reader and interpret the punter's key presses. The
ATM's controlling FSM is in turn overseen by an ATM network
management process running on a bigger box back at head office.
That's how they were originally, but these days some run Windows
(often out of support versions) and serve advertising while you try to
get your cash out. They offer a huge range of world class
vulnerabilities that only Microsoft can provide.
Sure. I haven't touched any of that stuff since 2000, and as I said,
even then I was more concerned with the software managing the ATM
network and interfacing it to the financial system it was front ending.
That's where virtually all the client-specific custom code was situated.
I think you might be describing the 80s kind which had a 2 line text
display (VFD?), whereas everything since has had a CRT or LCD and needed
a 'computer' to drive it, and that computer ran some kind of OS (from
DOS upwards).
The old type being this kind of thing:
https://en.wikipedia.org/wiki/IBM_3624
On 08 Sep 2023 10:01:51 +0100 (BST), Theo wrote:
Martin Gregorie <martin@mydomain.invalid> wrote:
On Wed, 6 Sep 2023 21:40:10 +0100, druck wrote:
On 06/09/2023 13:13, Martin Gregorie wrote:
Each ATM is run by its own copy of a fairly dumb finite state
machine (FSM), which knows just enough to run its display, handle
the smartcard reader and interpret the punter's key presses. The
ATM's controlling FSM is in turn overseen by an ATM network
management process running on a bigger box back at head office.
That's how they were originally, but these days some run Windows
(often out of support versions) and serve advertising while you try to
get your cash out. They offer a huge range of world class
vulnerabilities that only Microsoft can provide.
Sure. I haven't touched any of that stuff since 2000, and as I said,
even then I was more concerned with the software managing the ATM
network and interfacing it to the financial system it was front ending.
That's where virtually all the client-specific custom code was situated.
I think you might be describing the 80s kind which had a 2 line text
display (VFD?), whereas everything since has had a CRT or LCD and needed
a 'computer' to drive it, and that computer ran some kind of OS (from
DOS upwards).
The old type being this kind of thing:
https://en.wikipedia.org/wiki/IBM_3624
I don't recall supporting any ATM that primitive or any with IBM stamped
on them. AFAICR they looked remarkably like the ones you currently find at the front of Sainsbury's and other UK supermarkets, but with rectangular monochrome screens. I can't remember who made them or who supplied the ATM network management software we were customising except that it came from Texas and most of the ATM networks used X.25 protocols.
On Wed, 06 Sep 2023 18:45:43 +0000, Jim H wrote:
Really? I had a drive thru ATM reboot on me once. The boot screen said
it was running Windows.
There are several ATM manufacturers, and anyway the models I worked on in
the late '80s and '90s are quite unlikely to be around now. I forget who
made the ATM varieties I was familiar with or what, if any, OS their FSMs
or equivalent ran on: it's quite likely that some ATM makes and models ran
under Windows.