[Dataloss] ATMs vulnerable to digital break-ins

B.K. DeLong bkdelong at pobox.com
Fri Sep 22 12:53:23 EDT 2006


This has been floating around all week if not longer:

http://www.schneier.com/blog/archives/2006/09/programming_atm.html

but I think it's very important to get the word out as the media seems slow
on the uptake.

I've received multiple second-hand reports of successes with Triton, tranax
and MANY other brands of ATMs with Master Passwords available from manuals
found online. - in some cases on the vendor Web sites.

Regardless of whether the vendors take it down, they've been out in the wild
for who knows how many years and I believe they retain information of
transactions in the system accessible in this admin mode.I think of how many
kiosk ATMs I've used in the last few weeks at hotels and in the train
station etc.

Am I over reacting?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/dataloss/attachments/20060922/b7c40367/attachment.html 


More information about the Dataloss mailing list