News

Video: IBM white hat hacker demonstrates how to jackpot ATM

October 1, 2019

In the U.S., most ATM deployers are busy upgrading their ATMs from Windows 7 to Windows 10 before the mid-January deadline. 

But according to one white hat hacker, most of the world's more than 3 million ATMs are still running Windows XP, a platform that Microsoft stopped supporting in April 2014.  

That's a problem, because it makes them more vulnerable to hacks, Charles Henderson, the global head of IBM's X-Force Red security team, told CNET. 

"You have a lot of ATMs across the country that still run Windows XP," he said, indicating that even in the U.S., many ATMs are still running an outdated operating system.

A video taken by CNET at the 2019 Black Hat cybersecurity conference in Las Vegas shows Henderson demonstrating how to jackpot an ATM running Windows XP using a custom Linux application. 

In a jackpotting attack, hackers access an ATM's physical and digital security, install malware and establish remote access. With the hardware and software modifications in place, the cybercriminals can then remotely instruct the machine to spew cash, often without the bank noticing. 

"ATMs are architected in a very similar way to a home PC," David Byrne, X-Force's head of methodology, said in the video. "In fact, often times it may be more vulnerable because of the difficulty in patching ATMs that are distributed across a wide geographic area.

Most of the ATMs don't have a support staff that is standing there, and if the bank has to send someone out to each ATM to install software, it significantly increases cost, so they are usually very conservative about which patches and which software they push out."

Watch the video: