Researcher Discovers ATM Hack, Gets Silenced

Al writes "A researcher working for networking company Juniper has been forced to cancel a Black Hat presentation that would have revealed a way to hack into ATMs. The presentation focused on exploiting vulnerabilities in devices running the Windows CE operating system, including some ATMs. The decision to cancel was made to give the vendor concerned time to patch the problem, although the company was notified 8 months ago. The article mentions a growing trend in ATM hacking: In November 2008 thieves stole nearly $9 million from more than 130 cash machines in 49 cities worldwide. And earlier this year, the second biggest maker of ATMs, Diebold, warned customers in an advisory that certain cash machines in Eastern Europe had been loaded with malicious software capable of stealing financial information and the secret PINs from customers performing ATM transactions."

Re:WinCE when you say that

[Jamie's+Nightmare]

I call bullshit. We didn't even get to see the demonstration itself. It's entirely possible that the no OS could prevent the style of intrusion that was going to be demonstrated. But, you get get extra Microsoft bashing points just for pointing out the host OS used, whether or not it was part of the problem.

Re:WinCE when you say that

[Jamie's+Nightmare]

And a lot of them aren't very stable or fast, no matter what OS is used to host the ATM software application being used on the machine. The problem? Often it's the client software. Who gets the blame? The Microsoft OS. From who? Microsoft haters and immature Linux zealots.