ATM’s Robbed Via Samsung Galaxy Note 4 Smartphone – Hello guys welcome back to techno Sensations. We have a breaking news this time. Yes ATM’s have been robbed via a simple galaxy note 4 smartphone. So just telling you how all it happened. While this is quite amazing !
Image Source Hackread Cybercriminals have found an effective and simple way to dispense cash from the ATMs through a smartphone without inserting a card. In this case the device used was Samsung Galaxy 4 smartphone.
The smartphone is used to relay commands from a remote individual.
The hackers target poorly protected ATMs, for instance standalone units, ones located in isolated, dimly lit places, because it requires physical access to the system’s internals.
The hackers disconnect the cash dispenser from its legitimate computer and connect it to the malicious smartphone instead.
In one case, the perpetrators used a circuit board with USB connection to hook it to the system. Called as “black box attacks,” they are mostly used against NCR- manufactured units,said Brian Krebs, a security blogger.
NCR is a major player in this market and their products have been the attack target in the past as well; in an earlier attack, CD-ROM of the ATM’s computer was compromised and a machine-
controlling malware uploaded.
NCR had problems deciphering the communication between the ATM machine and the fraudster, who appeared to be commanding
the machine from a remote server.
Till date, NCR has reported only two black-box attacks. But the company has issued an updated firmware with stronger
encryption to protect communication between the cash dispenser and the computer.
Earlier, the encryption key exchange depended upon a specific authentication sequence.
“All things considered, this is a pretty cheap attack. If you know the right commands to send, it’s relatively
simple to do.
That’s why better authentication needs to be there,”said Charlie Harrow, solutions manager for global security at NCR.
The latest update also includes blocking the possibility of a roll- back to the vulnerable version of the firmware.
Article Source – hackread.com
Thanks to this site for providing this info.