Nobody would wish this ATM hack to fall in the hands of thieves

by Technology VistaBlog / News
ATM Hack
Shares

ATM frauds have become quite common nowadays. There are various ways to secure them but the hackers always seem to be a step ahead. The chip-and-pin or EMV was supposed to be a safer and more secure counterpart but a new ATM hack demonstration presented by Rapid 7 (a small team of security engineers) at the Black Hat, a hacker conference in Las Vegas, shows the vulnerability of the same.

The hack involves a ‘shimmer’, a skimming device that intercepts the signal between the ATM (or POS) machine that facilitates a MiTM (man-in the-middle-attack) once the card is inserted. This device then enables the hackers to not only retrieve data from the card but also replicate the chip and the magnetic strip in addition to the PIN as the customer enters it. After accomplishing this important step, the only thing that remains to be done by the hackers is downloading this data to recreate the victim’s card and us it in the same ATM.

The most unfortunate fact about this hack is that to pull-off this hack, no elaborate or hard-to-find tools are needed. The entire demonstration set-up as presented by the security engineers required around $2,000 and some common items like Raspberry Pi. And using this simple hack, the team was able to use a common chip-and-pin card to withdraw money from an ATM in under 15 minutes!

One thing is to be noted though that the chip-and-pin card does have a security feature that offers some help should this unfortunate thing was to happen to you. The trick is that the chip creates a unique transaction code for each new transaction. Since hackers have the resources and technology to use this card only once, it is still a bit safer than its magnetic stripe predecessor. But just to let you know and make you more attentive, even with a single trial and swipe, the hackers could you poorer by up to $50,000 in a single go.

As a technology lover you may like our daily important technology news series. It’s a playlist and you can retrieve the total day-wise videos. Please consider subscribing our YouTube channel:

Author: Technology and Beyond

Shares
Tagged : /
Verified by ExactMetrics