Hacking a proprietary ATM security suite - and accidentally, casino equipment too: 6 vulnerabilities and how to find them. π§π° π¨π»βπ» πΈ
Security researcher Matt Burch shares his findings on Diebold Nixdorf ATM equipment - one of the biggest players in the ATM market. During his research, he discovered the proprietary xDR system known as Vynamic Security Suite (VSS), along with additional software used in ATMs.
While analyzing different versions of the software, the author found six vulnerabilities in the ATM security suite, reported them to the vendor, and shared the technical details in the paper.
βWhat adds an extra layer of interest here is that VSS was also introduced into casino equipment - another highly confidential industry that is very protective of its technical secrets.
Enjoy the research (details below), and feel free to share it with your colleagues and friends! π
More details:
Where's the Money - Defeating ATM Disk Encryption:
White paper [PDF]: https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Matt%20Burch%20-%20Where%E2%80%99s%20the%20Money%20-%20Defeating%20ATM%20Disk%20Encryption-white%20paper.pdf
Slides [PDF]: https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Matt%20Burch%20-%20Where%E2%80%99s%20the%20Money%20-%20Defeating%20ATM%20Disk%20Encryption.pdf
Presentation [Video]: https://lnkd.in/e86yr4CR
