Let’s Play ATM Or Slot Machine?

Barnaby Jack is at it again.

Researcher Demonstrates ATM ‘Jackpotting’ at Black Hat Conference

In a city filled with slot machines spilling jackpots, it was a “jackpotted” ATM machine that got the most attention Wednesday at the Black Hat security conference, when researcher Barnaby Jack demonstrated two suave hacks against automated teller machines that allowed him to program them to spew out dozens of crisp bills.

The demonstration was greeted with hoots and applause.

In one of the attacks, Jack reprogrammed the ATM remotely over a network, without touching the machine; the second attack required he open the front panel and plug in a USB stick loaded with malware.

Jack, director of security research at IOActive Labs, focused his hack research on standalone and hole-in-the-wall ATMs — the kind installed in retail outlets and restaurants. He did not rule out that bank ATMs could have similar vulnerabilities, though he hasn’t yet examined them.

The two systems he hacked on stage were made by Triton and Tranax. The Tranax hack was conducted using an authentication bypass vulnerability that Jack found in the system’s remote monitoring feature, which can be accessed over the Internet or dial-up, depending on how the owner configured the machine.

Tranax’s remote monitoring system is turned on by default, but Jack said the company has since begun advising customers to protect themselves from the attack by disabling the remote system.

To conduct the remote hack, an attacker would need to know an ATM’s Internet IP address or phone number. Jack said he believes about 95 percent of retail ATMs are on dial-up; a hacker could war dial for ATMs connected to telephone modems, and identify them by the cash machine’s proprietary protocol.

The Triton attack was made possible by a security flaw that allowed unauthorized programs to execute on the system. The company distributed a patch last November so that only digitally signed code can run on them.
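The Triton fix described above amounts to a code-signing gate in the loader: the machine only executes code whose signature verifies under a key the vendor controls. The following is an added illustration, not Triton's or IOActive's code. It assumes an Ed25519 vendor public key baked into the machine and a detached signature over the exact executable bytes, and shows the unchecked loader (run whatever is on the USB stick) beside the signed loader, exercised on four constructed images: a genuine signed update, an unsigned payload, a payload signed with the attacker's own key, and a genuine signature re-attached to modified code.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

var (
	ErrNoSignature  = errors.New("refusing code without a signature")
	ErrBadSignature = errors.New("signature does not verify against the vendor key")
)

// SignedImage is an assumed layout (not Triton's format): executable bytes
// plus a detached Ed25519 signature over exactly those bytes.
type SignedImage struct {
	Code []byte
	Sig  []byte
}

// LoadUnchecked models the pre-patch behaviour the article describes:
// anything present on the USB stick gets executed. true = would run it.
func LoadUnchecked(img SignedImage) bool {
	return len(img.Code) > 0
}

// LoadSigned models the post-patch behaviour: run only code whose detached
// signature verifies under the vendor public key the ATM ships with. The
// signature covers the whole image, so one flipped byte fails just as an
// unsigned payload does.
func LoadSigned(vendorPub ed25519.PublicKey, img SignedImage) error {
	if len(img.Sig) != ed25519.SignatureSize {
		return ErrNoSignature
	}
	if !ed25519.Verify(vendorPub, img.Code, img.Sig) {
		return ErrBadSignature
	}
	return nil
}

// VendorSign is the release-time step; the private key stays with the
// vendor and is never present on the machine.
func VendorSign(priv ed25519.PrivateKey, code []byte) SignedImage {
	return SignedImage{Code: code, Sig: ed25519.Sign(priv, code)}
}

func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Scenario builds four images from constructed sample bytes and returns the
// signed loader's verdict on each, keyed by case name.
func Scenario() map[string]error {
	vendorPub, vendorPriv := mustKey()
	_, attackerPriv := mustKey() // attacker has a key, just not the vendor's

	firmware := []byte("constructed sample: genuine dispenser firmware v1")
	payload := []byte("constructed sample: attacker payload from USB stick")

	genuine := VendorSign(vendorPriv, firmware)
	unsigned := SignedImage{Code: payload}
	attackerSigned := VendorSign(attackerPriv, payload)

	// Genuine signature re-attached to code with a single byte changed.
	tamperedCode := append([]byte(nil), firmware...)
	tamperedCode[0] ^= 0x01
	tampered := SignedImage{Code: tamperedCode, Sig: genuine.Sig}

	return map[string]error{
		"genuine":         LoadSigned(vendorPub, genuine),
		"unsigned":        LoadSigned(vendorPub, unsigned),
		"attacker-signed": LoadSigned(vendorPub, attackerSigned),
		"tampered":        LoadSigned(vendorPub, tampered),
	}
}

func main() {
	for name, err := range Scenario() {
		if err == nil {
			fmt.Printf("%-16s accepted\n", name)
		} else {
			fmt.Printf("%-16s rejected: %v\n", name, err)
		}
	}
}
```

Run it with `go run`. The point to carry away is that the check binds the signature both to the vendor's key and to the exact bytes, so neither a USB payload nor a patched genuine image loads; the unchecked loader accepts all four. Signature verification alone does not prevent rolling back to an older, still validly signed image with a known weakness; that needs a separate version or anti-rollback check.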

Both the Triton and Tranax ATMs run on Windows CE.

Using a remote attack tool, dubbed Dillinger, Jack was able to exploit the authentication bypass vulnerability in Tranax’s remote monitoring feature and upload software or overwrite the entire firmware on the system. With that capability, he installed a malicious program he wrote, called Scrooge.

Scrooge lurks on the ATM quietly in the background until someone wakes it up in person. It can be initiated in two ways — either through a touch-sequence entered on the ATM’s keypad or by inserting a special control card. Both methods activate a hidden menu that allows the attacker to spew out money from the machine or print receipts. Scrooge will also capture track data embedded in bank cards inserted into the ATM by other users.

To demonstrate, Jack punched the keys on the keypad to call up the menu, then instructed the machine to spit out 50 bills from one of four cassettes. The screen lit up with the word “Jackpot!” as the bills came flying out the front.

To hack the Triton, he used a key to open the machine’s front panel, then connected a USB stick containing his malware. The ATM uses a uniform lock on all of its systems — the kind used on filing cabinets — that can be opened with a $10 key available on the web. The same key opens every Triton ATM.

Two Triton representatives said at a press conference after the presentation that its customers preferred a single lock on systems so they could easily manage fleets of machines without requiring numerous keys. But they said Triton offers a lock upgrade kit to customers who request it — the upgraded lock is a Medeco pick-resistant, high-security lock.

. . .

Jack said that so far he’s examined ATMs made by four manufacturers and all of them have vulnerabilities. “Every ATM I’ve looked at allows that ‘game over.’ I’m four for four,” he said at the press conference. He wouldn’t discuss the vulnerabilities in the two ATMs not attacked on Wednesday because he said his previous employer, Juniper Networks, owns that research.

Jack said his aim in demonstrating the hacks is to get people to look more closely at the security of systems that are presumed to be locked down and impenetrable.

See also:
Bunker-busting ATM attacks show security holes
Hacker breaks into ATMs, dispenses cash remotely
Security researcher demonstrates ATM hacking
Black Hat: Hacker Tricks ATMs Into Raining Cash
Researcher shows how to hack ATMs with “Dillinger” tool
Armed with exploits, ATM hacker hits the jackpot
Powered By Microsoft Windows
IOActive Labs
Tranax Technologies
Triton Systems

All your ATMs are belong to Barnaby Jack!

/I’ll bet Barnaby is really well paid and gets plenty of job offers from the Black Hats as well as the White Hats

Just Build The Damn Stadium!

We’ve already built partially taxpayer funded arenas/stadiums for the Wild, the Twins, the Gophers and now it’s the Vikings’ turn. The Vikings’ Metrodome lease is up after the 2011 season and they won’t renew it. The NFL has already made it quite clear that, unless the Vikings get a new stadium commitment soon, they’ll move the franchise out of Minnesota.

There’s no more road to kick the can down. It’s time to put up, shut up, and do the right thing: build the Vikings a new stadium. Are Minnesotans really willing to lose the crown jewel of Minnesota professional sports, the Vikings NFL franchise? I’m sure not. Remember the collective state angst when hockey left Minnesota in 1993? It took seven years and cost us a new arena to bring professional hockey back to Minnesota. Let’s not make that mistake again.

Vikings: Our turn for a new stadium

With an undefeated team, a megastar quarterback and a big game coming up Monday, the Vikings were back at the State Capitol on Thursday to spark interest in the one thing they do not have — a new stadium.

Vikings spokesman Lester Bagley again told legislators that the team would not renew its Metrodome lease, which expires after the 2011 season. Bagley also said that owner Zygi Wilf is increasingly battling pressure from other National Football League owners.

“They don’t ask how’s [star running back] Adrian Peterson doing,” Bagley said. “They ask him how is the stadium doing, because the NFL is subsidizing this market to the tune of $15 million to $20 million a year.”

The Vikings, who are seeking an estimated $700 million in a “public-private partnership,” have made their pitch to the Legislature on repeated occasions, to little effect.

Of course, even though we’ve done it for every other major sports team in Minnesota, no one likes to spend taxpayer money on stadiums for rich team owners, especially with today’s economy. Unfortunately, we have no other choice anymore: we either pony up for a new stadium this year or we lose our NFL franchise. It’s that simple.

Or is there another choice? Well, what do we have here? Why, it’s a man with a plan!

Will slots help Vikings get a new stadium?

Trying to jump-start interest in a new Minnesota Vikings stadium, a Republican legislator on Monday proposed a constitutional amendment to add slot machines to the state’s two horse-racing tracks and use the proceeds to build the stadium.

Rep. Tom Hackbarth, R-Cedar, said his latest plan was a “little bit of a twist” to a failed effort earlier this year for a constitutional amendment to create another casino in Minnesota and put the profits toward a stadium.

Hackbarth said his latest plan is different because “it’s not an expansion of gambling,” since Minnesota racing tracks already allow gambling in the form of card games.

“I don’t know what else we’re going to do if we don’t go to gaming,” said Hackbarth. He said legislative leaders were “kind of sticking their heads in the sand.” The Vikings’ lease expires in 2011 at the Metrodome, a venue that has been their home for more than a quarter century but which the team says is now outdated and a financial drag.

See also:
Vikings stadium issue is past due, says Lester Bagley
Pawlenty says Minnesota needs to keep Vikings
A New Vikings Stadium: Why It Isn’t Such a Horror Story
District 48A Rep. Tom Hackbarth announces Vikings stadium plan
Lawmaker Suggests Gambling Money For New Vikings NFL Stadium

So, let me see if I’ve got this straight. All we have to do is add slot machines to two existing horse tracks, that already have card game gambling, so we’re not opening any new casinos or expanding gambling to any new locations, and we can build a new Vikings stadium without costing the taxpayers any money?

What the [expletive deleted] are we waiting for? Oh yeah, I forgot, the politicians.

/I swear, if we lose our NFL franchise because the politicians can’t get their act together and get a Vikings stadium deal done, especially when a perfectly reasonable, no cost to taxpayers, solution is being served up to them on a silver platter, I’m going to be really, really pissed, along with the majority of Minnesotans