Barnaby Jack from IOActive Labs showed during Black Hat conference how to force ATMs to spit out cash. He demostrated two types of attack on ATMs he bought via internet. For one a physical access was required, the second was remote.

"Every ATM I've looked at I've found the game-over vulnerability that lets me get cash out of the machine" - Jack said. He looked at four ATMs from four manufacturers. Two of them, both using Windows CE, he took to Black Hat.

In the first attack Jack used a master key he bought in the internet for 10 USD. It allowed him to open ATM's door and connect a USB key to the motherboard overwriting machine's firmware.

The second ATM was attacked from remote, using "Dilinger" software that exploits a flaw in the remote monitor authentication process. An successful attack allowed Jack to install rootkit called "Scrooge".

Machines that were attacked during Black Hat were made by Triton and Tranax companies. The first patched its products by making it impossible to install any software without digital key issued by the company.

Source:The Register
29.07.2010