Analecta Cyber Company Blog: Report: German ATMs vulnerable to hackers

2015-11-19

Report: German ATMs vulnerable to hackers

With credit card hacking incidents regularly reported all around the globe, it appears that the only thing people can do to avoid becoming a victim of these malicious attacks is to use cash for all of their transactions. But it seems even that idea isn’t that safe anymore.



A recent report has surfaced in connection with the hacking of an ATM. The incident took place in Germany when a security researcher managed to hack an ATM and self-service terminal belonging to Sparkasse Bank. The hack allowed the researcher to access sensitive information from the payment card inserted into the machine.

The CEO of the security firm Vulnerability Lab, which is based in Germany, found out about the weakness while using a terminal from the bank. Suddenly the machine ejected his card, and the ATM’s status changed to "temporarily not available."

After that, the machine automatically started a software update process. This allowed the researcher to use a special keyboard combination to shift the machine into a different mode. He then forced the ATM system to bring an update process console to the foreground, in front of the warning message.

Sensitive information accessed

The security firm said in a blog post that using only an iPhone, the researcher managed to capture the bootChkN console output (Wincor Nixdorf) of the branch administrator.

Wincor Nixdorf, a company that manufactures ATMs, is one of the most famous companies in the retail and banking industry. For that reason, it’s highly possible that other banking institutions are also using Wincor Nixdorf ATMs and self-service terminals that could be affected by the same vulnerability as Sparkasse Bank.

The security researcher was able to reveal numerous sensitive details, including the bank’s main branch office, usernames, serial numbers, firewall settings, its network information, computer name, device IDs, ATM settings, two system passwords and other relevant hardware-related information.

The researcher then reported his findings to the bank. In a statement, bank officials acknowledged the issue and said they immediately started developing a patch for the uncovered vulnerability.