Scribd
Upload
1K views

Atm Hacking

The document discusses various methods used in ATM hacking, including skimming, jackpotting, blackbox attacks, and network/USB-based attacks. Skimming involves using a small device to steal card information from users. Jackpotting uses malware to force an ATM to dispense cash. Blackbox attacks trick an ATM into dispensing cash by connecting a custom tool. Network and USB attacks allow hackers to access the ATM's operating system and inject malware to modify transactions. Many ATMs have vulnerabilities like weak passwords, unencrypted data, and ability to override kiosk mode, enabling hackers to cash out money within 20 minutes using these attack methods.

Uploaded by

Patrick Naggar
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
1K views

Atm Hacking

The document discusses various methods used in ATM hacking, including skimming, jackpotting, blackbox attacks, and network/USB-based attacks. Skimming involves using a small device to steal card information from users. Jackpotting uses malware to force an ATM to dispense cash. Blackbox attacks trick an ATM into dispensing cash by connecting a custom tool. Network and USB attacks allow hackers to access the ATM's operating system and inject malware to modify transactions. Many ATMs have vulnerabilities like weak passwords, unencrypted data, and ability to override kiosk mode, enabling hackers to cash out money within 20 minutes using these attack methods.

Uploaded by

Patrick Naggar
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 21

@whereislohith

ATM
HACKING
@whereislohith

What is ATM ???


ATM full form is Automated Teller
Machine which is a self-service banking
outlet. You can withdraw money, check
your balance, or even transfer funds.
Different banks provide their ATM
services by installing cash machines in
different parts of the country.
@whereislohith

How much cash filled in atm mission ??

An ATM can hold Rs12-23 lakh per


machine. Banks fill currency in four
slots that hold 2,000 notes each.
This typically translates to 4,000
notes of Rs100, 2,000 notes of
Rs500 and 2,000 notes of Rs1,000
@whereislohith

ATM cassete

Cassette: The part


that holds all of the
cash in the ATM
@whereislohith

major ATM hacking vulnerabilities

1.Skimming

2.Malware attacks

3.Physical Attacks

4.Network Attacks
@whereislohith

Skimming
Skimming is a type of fraud where criminals
use a small device, called a skimmer, to steal
credit or debit card information from
unsuspecting users. The skimmer is usually
placed on or near a legitimate card reader,
such as an ATM or a gas pump, and is
designed to look like a part of the machine.
@whereislohith

When a user inserts their card into


the skimmer, it reads the magnetic
stripe on the card and stores the
information, including the card
number and expiration date. The
criminal can then use this
information to create a counterfeit
card or make unauthorized
purchases.
@whereislohith

ATM Jackpotting

ATM jackpotting is a type of attack where criminals take


over an ATM and force it to dispense cash using
malware or other methods
Criminals often require physical access to the ATM in
order to put malware or other software on the device in
order to carry out an ATM jackpotting the attack. Once
the virus or programme is set up, it can grant the
attacker complete access over the ATM, enabling them
to go bypass security and withdraw cash..
@whereislohith
Atm jackpotting Malware

1.Ploutus
2.cutlet Maker
3.Tyupkin
4.GreenDispenser
5.ATMitch
@whereislohith

blackbox method in ATM hacking


A Black Box attack is when a hacker either opens
the ATM case to reach the cable connecting the
ATM's computer to the ATM's cash box (or safe).
Attackers then connect a custom-made tool,
called a Black Box, that tricks the ATM into
dispensing cash on demand
69 percent of the ATMs they tested were
vulnerable to such attacks and that on 19 percent
of ATMs, there were no protections against Black
Box attacks at al
Black Box attack scenario @whereislohith
@whereislohith

EXISTING Kiosk mode

In an ATM, a software configuration known as kiosk


mode limits users' access to the operating system and
other programs, allowing only a predetermined set of
features to be accessed by users.
In kiosk mode, the ATM is configured to display only
the necessary information and functionality required
to complete transactions, such as cash withdrawals or
balance inquiries.
@whereislohith

Researchers found that by


plugging a device into one of
the ATM's USB or PS/2
interfaces, they could pluck
the ATM from kiosk mode and
run commands on the
underlying OS to cash out
money from the ATM safe.
@whereislohith
EXISTING Kiosk mode Scenario
@whereislohith

Atm Network Attacks


Researchers said that 27 percent of the tested ATMs were
vulnerable to having their processing center
communications spoofed, while 58 percent of tested ATMs
had vulnerabilities in their network components or services
that could be exploited to control the ATM remotely.
Furthermore, 23 percent of the tested ATMs could be
attacked and exploited by targeting other network devices
connected to the ATM, such as, for example, GSM modems
or routers.
Atm network Attack scenario @whereislohith
@whereislohith

Connecting USB to inject Malware into ATM


92 percent of the ATMs tested by specialists were reported to
be insecure. The ATMs either didn't have a BIOS password, used
one that was simple to guess, or didn't use disc data encryption,
which is why this happened.
Researchers claimed that during their tests, which ordinarily
took no longer than 20 minutes, they altered the BIOS boot
order, started the ATM from their own hard drive, and modified
the normal OS on the genuine hard drive of the ATM, changes
that might have allowed cash withdrawals or ATM skimming
operations.
@whereislohith

Connecting a usb to inject malware into ATM scenario


@whereislohith

Changing boot mode as a part of cashout


Researchers discovered that an ATM attacker
could restart the machine and compel it to
boot into a safe/debug mode if they had
physical access to the ATM.
As a result, the attackers would have access to
various debugging tools or COM ports, giving
them the ability to infect the ATM with
malware.
42 percent of the ATMs tested by researchers
were vulnerable, and the attack took less than
15 minutes to complete.
@whereislohith
Changing boot mode as a part of cashout Scenario
Thank
you!!

You might also like