Hackers Show How Simple It Is to Hack ATMs for Free Cash.
When Khaled Abdel Fattah a small-time Tennessee restaurateur was running short of cash went to an ATM. According to the federal prosecutors he went to a lot of them, in over 18 months he visited many small kiosks ATM’s around Nashville and withdrew a total of $400,000 is 20 dollar bills. The only problem was that the money withdrawn wasn’t his money.
Fattah and an associate named Chris Folad are alleged with 30 computer frauds and conspiracies, after an investigation done by the secret services showed evidence against the men that they had intentionally robbed the cash machines using nothing more than the keypads and some knowledge.
- This was done by using a special button sequence and some knowledge. They supposedly made the ATM’s believe that they were distributing 1 dollar bill bills instead of 20 dollar bills that were actually dispensed by the cash trays. Thus a withdrawal of 20$ made the machine withdraw 400$ in cash, giving a profit of 380$ as the first 20$ were withdrawn from their own bank accounts as they were using their own ATM cards.
As charged, the stunt is an unusually successful example of a low quality ATM hack used for minor theft in the past. It shows vulnerabilities in the ATM machines made by the Tranax technologies and Trident which were showcased in a legendary ATM jackpotting demonstration delivered at the Black Hat conference in 2010 by security researcher Barnaby Jack.
- The demonstration showed the weaknesses of the ATMs made by both the companies. Showing that the Tranax machines can be hacked and reprogrammed over dial up without any physical contact and the Trident ATMs that could be opened and could be reprogrammed using a usb port physically. This gives a reminder of the security weaknesses in the kiosk ATM’s.
- Criminals at the street level have found another weakness in the machines which requires no software or gear. These machines (kiosk ATM’s) can be placed into an operator mode by simply pressing a sequence of buttons on the keypad. From this mode the number of variables can be manipulated like the number of bills loaded in the machines currency cartridges. This mode is secured by a secret six digit code which one of the defendants Fattah already knew, as he used to work for a company that operated the machines.
- Fattah involved his friend folad in to the scheme intentionally, they began visiting the cash machines is January 2009, they would first use the secret code to change the denomination of the bills on the denomination register of the machine, then after making the withdrawals they would change the configuration back. They repeated the scam all over town and made 400,000$ by March 2010. This was the money the government was hoping to seize.
According to the government they had made a few mistakes in the mischief including, using debit cards on their real names to withdraw money from the account and being captured on the videos of the surveillance cameras installed on the ATM machines. The amount withdrawn (400,000) from the point of view of Nashville is unusually high but many thieves have pulled similar currency switching scams with even more returns. Those people didn’t make the mistake of using their own debit cards and used prepaid debit cards that can be bought from shops like Walgreens.
In 2005 it was discovered that the factory set master passcodes of the machines were printed inside the service manuals which were available online. These manuals advised the users to change the passcode on their first use but many small business owners never made the change. This led to a unique phenomenon of having as a street crime. The scheme went viral in 2006 when a man was looting an ATM at a Virginia gas station and was caught through the video of the surveillance camera.
- After that the Trinton and Tranax made changes in the programming of the machines which forced the user to change the passcode on the first use. Machines that were already in use were still vulnerable and many reports of new crimes came in repeatedly. In 2007 a convenience store in Pennsylvania was hit for 1,540$ by an unidentified man in shorts. In 2008 the Lobo’s City Mex in Lincoln were hit for 1400$ by two 21 year old men in three different visits but were caught on the 4th In 2010 a man who worked in a grocery store was turned in to the FBI by a coworker as he was planning to loot 30 different ATM’s while wearing a wig and he was sentenced to 37 months in jail.
Currency switching thefts are now considered to be rare but some evidence show operator passcodes still creating problems, as in last June two 14 year old boys guessed the six digit passcode of an ATM machine in a grocery store perfectly after reading instructions on the internet on how to gain operator access to a bank’s ATM machine but the boys immediatelyinformed the bank and the passcode was then changed.
Originally from http://hackread.com/hackers-show-how-to-hack-atms-for-free-cash/