PDA

View Full Version : Robbing a Gas Station: The Hacker Way



AdamG
06-08-2013, 04:07 PM
Thieves of the future will look back on today’s stick-up artists and have a good old belly laugh. Why would anyone ever rob a cashier with a gun, when all that is needed is a smartphone?

Matt Bergin, a security consultant at Core Security, discovered he could hack a cash register remotely, popping it open, by sending two digits from his smartphone to the service running on the cash register’s point-of-sale system. No gun or holdup note was required. He was able to do so through a vulnerability in Xpient, which makes point-of-sale software that runs on cash drawers.

http://bits.blogs.nytimes.com/2013/06/06/robbing-a-gas-station-the-hacker-way/?src=recg

davidbfpo
06-08-2013, 06:24 PM
Adam,

The insecurity of a new contactles card payment system here has featured on at least two BBC consumer affairs programmes. Understandably they emphasis the ordinary customer being vulnerable, even a person passing a terminal. I expect criminals will be studying what they can gain, but to date the purchase limit is very low (about US$15 IIRC).


Marks & Spencer have equipped their tills with not just card readers but with dual function M&S card readers. They accept contactless cards in the same terminal as normal Chip and PIN transactions. But who decides which card is used to pay? The customer - or the terminal? Many listeners tell us the machine takes the payment from a random contactless card in their wallet before they put their chosen card into the machine.

Link:http://www.bbc.co.uk/programmes/b01shqc7

AdamG
06-14-2013, 06:58 PM
David,
Welcome to the Cyber-Punk Reality of Today. May I suggest some reading music (http://youtu.be/Vt0q6uflFMU) for this:


A group of hackers and identity thieves has been charged with stealing at least $15 million from 15 financial companies, among them JPMorgan Chase (JPM), Citigroup (C), E*Trade (ETFC), PayPal (EBAY), TIAA-CREF, and TD Ameritrade (AMTD). The perpetrators of the scheme, which operated for nearly two years, were a group of hackers led by two Ukrainian nationals, according to authorities. Eight men have been charged, and four are in custody, reports The LA Times.
http://www.dailyfinance.com/on/cybercriminals-hack-banks-15-million-dollars/