When I was in school, I used to play outdoor games like basketball and badminton. When I was in college, I started taking more interest in playing computer games rather going out. But nowadays, children have completely changed their hobbies to programming, hacking, bug bounties in such a ways that just in half an hour of lunch break between classes they hacked ATM machine.
A pair of ninth grade students, Caleb Turon and Matthew Hewlett, both 14 year old broke into a Bank of Montreal ATM during their lunch hours between classes by following an old ATM operators manual found online.
The duo used the online manual to access the operator mode of the ATM machine in Winnipeg. They didn’t use the accessed data to steal any amount from the ATM, rather they simply broke into the ATM machine and printed off information including users’ transaction data, surcharge profits and the total cash held in the unit.
HOW THEY HACKED INTO ATM MACHINE?
Turon and Hewlett were not expecting the hack to work but when the machine asked for the administrator password and the pair gained access to the data of the machine by their first guess, a six-character long password indicating the ATM had default settings enabled, The Winnipeg Sun reported Sunday.
The teenagers then immediately reported their hack to bank employees at the BMO Charleswood Centre branch on Grant Avenue, who first assumed the boys had solely acquired the PIN numbers of one of the ATM customer.
"I said: 'No, no, no. We hacked your ATM. We got into the operator mode,'" Hewlett said after being asked for the proof of their hack by the bank's head of security.
"So we both went back to the ATM and I got into the operator mode again," Hewlett said. "Then I started printing off documentations like how much money is currently in the machine, how many withdrawals have happened that day, how much it's made off surcharges. Then I found a way to change the surcharge amount, so I changed the surcharge amount to one cent."
To aware ATM users, the duo changed the ATM's welcoming message from "Welcome to the BMO ATM" to "Go away. This ATM has been hacked."
Neither Matthew Hewlett nor Caleb Turon are facing any type of criminal charges related to the ATM hacking, instead they're actually being applauded by the bank employees and people online for exposing a serious security risk to the bank and for the honesty of the two.
The branch manager even wrote a note to school administrators to excuse both for being late returning from their lunch hour. "Please excuse Mr. Caleb Turon and Matthew Hewlett for being late during their lunch hour due to assisting BMO with security," reads the note.
The BMO bank, which has more than 900 branches across Canada with over seven million customers in US, said it was aware of the reported incident and has already taken actions to prevent unauthorised access to its ATM machines, which may have involved changing the default passwords on all of its ATMs.
Reference- http://thehackernews.com/
No comments:
Post a Comment