Legal help for data breach compensation claims

ATM Chip and Pin hack revealed at Black Hat conference

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

While chip and pin is widely used in Europe, the US has only just started to use the technology.

Concerns across the pond are that this makes them a new target for hackers, according to researchers at the Black Hat conference in Las Vegas.

They demonstrated how hackers were able to use mostly unmodified ATM machines to dispense hundreds of dollars -similar to how hackers would possibly use the machines.

Tom Beardsley, security manager for Rapid7, who oversaw the hack, said:

“In the US we have finally caught up to the rest of the world who are using chip and pin”
“The state of chip and pin security is that it’s a little oversold.”

 

About the hack

The story is quite a concerning one as the “hack” was able to get ATMs to spit money out!

Rapid7 disclosed the vulnerabilities of the hack at the conference to major banks and ATM makers. Specifics were not shared in order to prevent the same technique being used, and whilst this story stems from the move in the U.S. to use chip and pin, we should all be concerned – especially since we use it so much over here in the UK.

The hack is a two stage process…

The criminals first modify the point-of-sale machines by adding a device which sits between the victims chip and the receptor in the machine where the card is inserted. This device is known as a shimmer.

The shimmer then reads the chip when the card is inserted. It also reads the pin that is entered and all of this information is sent to the criminals.

For the second part of the hack, criminals then download the information from the stolen card to a Smartphone which can basically recreate the card in any ATM.

The chip and pin is meant to add more security compared to people swiping the magnetic strip, which allowed criminals to copy the information on the cards and have unlimited access to the card information.

The chip and pin only provides a small window of opportunity making it harder for the criminals.

The ATM can be instructed to withdraw cash constantly, and at any point. This mean that criminals could have a vast collection of modified points of sale system that allows them to have a constant stream of cash.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Editor on August 10, 2016
Posted in the following categories: Hacking News and tagged with


Wolverhampton Council suffers huge data leak
Possible Yahoo data breach being investigated
%d bloggers like this: