Tuesday, June 30, 2009

ATM Vendor Halts Researcher’s Talk on Vulnerability

An ATM vendor has succeeded in getting a security talk pulled from the upcoming Black Hat conference after a researcher announced he would demonstrate a vulnerability in the system.

Barnaby Jack, a researcher with Juniper Networks, was to present a demonstration showing how he could “jackpot” a popular ATM brand by exploiting a vulnerability in its software.

Diebold did not respond to a call for comment.

Earlier this year, Diebold released an urgent alert (.pdf) announcing that Russian hackers had installed malicious software on several of its Opteva model ATMs in Russia and Ukraine. A security researcher at SophosLabs uncovered three examples of Trojan horse programs designed to infect the ATMs and wrote a brief analysis of them. Last month another security research lab, Trustwave’s SpiderLabs, providedmore in-depth analysis of malware used to attack 20 ATMs in Russia and Ukraine of various brands.

Read the full story at wired.com.

2 comments:

ezatms said...

Informative and interesting post. Banks should really come up with new technologies for ATM protections.

atmvendor said...

This is truly a nice post. Now its duty of banks to take steps to make ATM more secure.