Hackers can easily empty an ATM machine, efficient and discretely with the help of a device that’s worth $15.

Not very long ago, when thieves wanted to empty an ATM machine, they had to find a way to exploit them. Today, they are using something more discrete that allows them to take away all the money, leaving behind just a seven cm hole in the panel of the ATM.

Kaspersky put up a show and tell to prove this is possible and easy to do with a portable screwdriver and $15 worth of equipment that can inject commands into the ATM to make it throw money out. This technique is very simple and can be done in just a few minutes without attracting attention.

Kaspersky analyzed what hackers are doing and noticed that they connected to a port that gave them access to all the components of the ATM machine, from the computer that controls the user interface to the equipment that  controls the money. Moreover, the ATM was using a XOR cypher that was easy to crack and had no real authentication between the ATM’s modules. This means that the ATM could send commands anywhere, allowing hackers to command the machine to give money and make it look like the signal comes from the computerized system of the ATM machine.

Moreover, what is even more interesting is that Kaspersky managed to build its own device, even cheaper, that allows them to hack an ATM machine. They used a modem, Atmega micro controller that is normally found in Arduino micro computers, condensers, adapter and a 9 volts battery and they were all bought for less than $15.

hat is even more worrying is that using this equipment, Kaspersky managed to connect to the ATM in a matter of seconds and were able to withdraw as much money as the ATM had.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.