NFC flaws let researchers hack an ATM by waving a phone

WIRED

from Ars Technica - All content on 2021-06-25 19:52 (#5KHQR)

Enlarge (credit: Chalongrat Chuvaree | Getty Images)

For years, security researchers and cybercriminals have hacked ATMs by using all possible avenues to their innards, from opening a front panel and sticking a thumb drive into a USB port to drilling a hole that exposes internal wiring. Now, one researcher has found a collection of bugs that allow him to hack ATMs-along with a wide variety of point-of-sale terminals-in a new way: with a wave of his phone over a contactless credit card reader.

Josep Rodriguez, a researcher and consultant at security firm IOActive, has spent the last year digging up and reporting vulnerabilities in the so-called near-field communications reader chips used in millions of ATMs and point-of-sale systems worldwide. NFC systems are what let you wave a credit card over a reader-rather than swipe or insert it-to make a payment or extract money from a cash machine. You can find them on countless retail store and restaurant counters, vending machines, taxis, and parking meters around the globe.

Read 12 remaining paragraphs | Comments

index?i=TygCFLEftf4:_a_8evnGTmg:V_sGLiPB

index?i=TygCFLEftf4:_a_8evnGTmg:F7zBnMyn

Source	RSS or Atom Feed
Feed Location	http://feeds.arstechnica.com/arstechnica/index
Feed Title	Ars Technica - All content
Feed Link	https://arstechnica.com/