Hacking Next-Gen ATMs: From Capture to Cashout

by Weston Hecker Sept. 15, 2017 via www.blackhat.com submitted by belen_caty

This talk will demonstrate how a $2000 investment can perform unattended "cash outs," touching also on failures in the past with EMV implementations and how credit card data of the future will most likely be sold with the new EMV data - with a short life span. This talk will include a demonstration of "La-Cara," an automated cash out machine that works on current EMV and NFC ATMs. "La-Cara" is an entire fascia placed on the machine to hide the auto PIN keyboard and flashable EMV card system that silently withdraws money from harvested card data. This demonstration of the system can cash out around $20,000/$50,000 in 15 min. With these methods revealed we will be able to protect against similar types of attacks.


Steven Ulm 1 month ago

This is crazy. But I don't doubt it is already being "practiced" through these methods...