Windows-based ATM machine hacked, gets Painted

by Darren Murph, posted Feb 25th 2007 at 9:05PM

Although we wouldn't expect to find the latest release of Photoshop on your neighborhood ATM, it's not so far fetched to think that Paint would be left on a Windows-based ATM. We've seen a recent boost in cash machine hacking of late, and while this latest attempt doesn't siphon illegal coinage out of the slot, it does make for quite a laugh. Joining the pitiful array of other Windows-powered mishaps, a sharp cameraphone-toting individual spotted a local ATM that had a beautifully hand-crafted Paint message on the front screen in place of the typical "Insert your card to begin transaction," and while we've already said too much about a picture that speaks a million words, be sure to click on through to see how accessing an ATM's start menu can lead to all sorts of mischievous mayhem.

[Via Digg]

Filed under: Misc. Gadgets

Tags: atm, atm hack, AtmHack, hack, hacked, microsoft, paint, phoblog, windows, windows xp, WindowsXp

Reader Comments (Page 1 of 1)

Highly Ranked

Mainframe @ Feb 25th 2007 9:13PM

What kind of dumb bank uses an atm based on windows?!

they are just BEGGING for problems.

Highly Ranked

Reginald @ Feb 25th 2007 9:23PM

Just as bad, the Commerce banks here in downtown Philly use Windows 98 for their bankers' workstations. They often leave the computers on in plain sight when you walk by the window afterhours.

That just seems like it's asking for trouble (hopefully they don't use WiFi as well)

Neutral

John Doe @ Feb 25th 2007 11:36PM

US Bank for one. If it wasn't for the fact that I have about 6 accounts here I would go somewhere else. Windows\Mac\Linux. I don't give a crap who it is. I want ATM's to run a proprietary OS that isn't documented up the ass in the hacker world. I'm not advocating security by obscurity but damn it, you don't have to have your pants dropped for all the world to see. What this boils down to is the fact that a bank doesn't want to spend the time, effort, or money to code and integrate a proprietary OS into their network. Lazy cheap asses.

Highly Ranked

SHOTT3R @ Feb 25th 2007 9:20PM

The Automated Teller Machine Machine?

Neutral

Foof @ Feb 26th 2007 3:27AM

You talking about the one on Walnut on the first floor of the Rittenhouse Claridge?

Highly Ranked

ryan @ Feb 25th 2007 9:25PM

what's worse, they were apparently hacked by some sort of pokemon lover

Highly Ranked

Chris M @ Feb 25th 2007 9:30PM

I'll take my Windows hackers however they come, thank you.

Chris

Highly Ranked

Jesse @ Feb 25th 2007 9:41PM

Actually, I believe this is just a ticket retrieval machine. It is located at a Regal operated theater in Santa Cruz, California. I'll check it out tonight because I'm going to see Reno 911.

Neutral

Jesse @ Feb 26th 2007 3:06AM

Yep, it totally is just for buying tickets. No cash in this thing.

Neutral

Taylor @ Feb 26th 2007 4:18AM

That's at cinema 9!? Wow, i'm going to have to go play with that soon! Hehe, i love local hacks from worldwide web pages. :)
-Taylor

Neutral

Nick @ Feb 25th 2007 9:43PM

Keep in mnd that Mew is also an amazing band...not just a pocket monster.

Neutral

2Perfect @ Feb 25th 2007 11:17PM

yes it may be many other things, but we all know, deep in our hearts, that it's a pokemon ;)

Anyway, that's awesome. If I was able to hack into it, I would make it so the home screen is normal, but when you press something it shows a funny picture of some sort...

perhaps something like this:
http://www.explosm.net/merch/images/ch_lolfag.jpg

Highly Ranked

a ham sandwich @ Feb 25th 2007 9:48PM

does anybody else remember that almost all atms are videotaped? i have a feeling that the bank is the one who will be doing the pwning.

Neutral

D.B. @ Feb 25th 2007 10:20PM

This is true, but the camera in the ATM is only activated when someone inserts their card. They don't record 24/7. If someone were to "hack" into one, I seriously doubt that they would need an ATM card to do so.

Neutral

Me @ Feb 25th 2007 9:54PM

What do you mean hacked? How is it possible when your input is limited? The ATM input is the card and keyboard, the card reader reads within limited range, if your data on the magnetic strip does checksum then bam, rejected. The keyboard input is limited also. The machine should be wifi-ed at all and the backend should have a security process, in batches before its sent to the main system. The bank can on their end add graphics, menus, whatnot to their liking.

Neutral

kamokazi @ Feb 25th 2007 10:31PM

Start->Programs->Accessories->Accessibility->On Screen Keyboard

So you can type just fine, but you are correct, there would most certainly be a lot more back-end security.

Neutral

Jake @ Feb 25th 2007 9:55PM

Absolutely SHOTT3R. They've got to do a better job with these automated ATM machines. They make such a big deal out of picking a personalized PIN number, then they drop the ball.

Neutral

Daniel @ Feb 26th 2007 11:28AM

Automated ATM Machines?
Isn't that a bit redundant.

Neutral

OKThen @ Feb 25th 2007 10:04PM

The other non bank managed atms, some are hooked into a system that uses satellite transmitions. They are supposed to have encrypted transmitions. Still, the chips on board are supposed to limit the type of input data it'll process.

Highly Ranked

Nimrod @ Feb 25th 2007 10:05PM

Look at the picture seriously... That is NOT an ATM no matter how much you wish it was so you could laugh saying "windows powered ATM's how insecure, they should run linux!!"

Look at the output, looks like a ticket system of some sort.

Anyways, the big question is really how the picture was drawn, there is no input system besides a keypad so either it was an inside job (member of staff opened it up, perhaps a debug kit was used to connect mouse and keyboard) or someone really clever managed to somehow get that image on a somewhat closed system..

Anyways, I usually love Engadget for its quality news, this is just a bad attempt by an uneducated team member to attack "Windows" yet they dont even know what an ATM means.

Highly Ranked

Ricky @ Feb 25th 2007 10:15PM

Actually... it looks like a touch-screen which would explain why the letters look like they were drawn with finger paint.

Highly Ranked

Dave @ Feb 25th 2007 10:15PM

Yeah, this was probably just set up. If by some crazy chance a customer managed to put in the debug code, they might have used the touchscreen to draw that picture. A lot of ATMs have touchscreens now. And above all, if someone managed to get into Windows, it's not like there's a program on there that says "FREE CASH FOR HAXXORZ." Any sensitive information wouldn't be stored directly on the ATM.

Neutral

LiQuiD_FuSioN @ Feb 25th 2007 10:28PM

LOL @ "what's worse, they were apparently hacked by some sort of pokemon lover"

True, I was thinking the same thing. "Mew", the ultra-rare Pokemon monster in the game/card series comes to mind.

Also - "Keep in mnd that Mew is also an amazing band...not just a pocket monster."

Never heard of "Mew" the band, but even if it was, the Pokemon version is much more well known.

Neutral

Scott S @ Feb 26th 2007 12:28AM

Believe it or not, Bank of America uses Windows NT 4.0, Windows 2000, and Windows XP on most of their ATMs. However, they are locked down to the bare minimum and it’s only able to run their software and nothing else. My wife used to do security work at The Bank of New York at one of their data centers in NJ. Lot’s of NT machines and AS/400’s

Neutral

grub @ Feb 26th 2007 1:16AM

Majority, if not all atms run nt/xp. They used to all be os2 though...

Neutral

Andrew Fong @ Feb 26th 2007 1:57AM

Doesn't MS sell stripped down features of Windows for machines like this? I mean, isn't the purpose of Windows CE so you can avoid this problem?

Neutral

mark @ Feb 26th 2007 2:56AM

This is what I ran into a couple of weeks ago in my home city, Amsterdam.
http://troep.pith.us/DSC00080.jpg
I'm not that experienced with Windows, but it looks like Windows 95 to me.

Neutral

Will @ Feb 26th 2007 3:21AM

I'll take your word for it Jesse and everyone else who are familiar with this machine:

H-O-A-X...

Slow news day.

Neutral

Reginald @ Feb 26th 2007 12:35PM

Yup. That's the one.

Their computer screens even face Walnut Street in plain sight (vagrants sleep in the ATM lobby after-hours so apparently nobody pays attention to the bank).

Neutral

Foof @ Feb 26th 2007 3:27AM

From the report, it sounded like someone happened upon a app-crashed system with an exposed start menu, and loaded up MSPaint. No hacking was really suggested.

I've seen a few crashed ATM machines. I even have a picture of one auto-rebooting after a BSOD - it cycled through the Win2K splash screen and then error'd out :P

http://img149.imageshack.us/img149/4301/dsc1973by2.jpg

Neutral

duke @ Feb 26th 2007 3:39AM

this is got to be funniest shit from this site I've ever see

Neutral

Fran @ Feb 26th 2007 4:14AM

Windows 95 is still used by some banks here in Ireland.

Neutral

Guffy @ Feb 26th 2007 5:26AM

Misleading headline. It never mentions anything about any hacking going on in the actual context. What is up with that? The machine was NEVER hacked! So why would you put that in the title to bash windows? It clearly states on the original reference page that "There was some cheap ATM machine touch screen thing at Cinema 9, but it was blank cept for a gray line at the bottom.". So when the machine booted up, the ATM software probably was not loaded properly and the windows interface was exposed. It is probably a movie-ticket ATM and not a real bank ATM anyhow. Yes, those are called ATMs as well.

I was at the local Loews cinema the other day and two of the ticket machines were down with some kind of error msgs showing. When they rebooted them, a windows xp logo appeared. They were running WinXP with the movie ticket software running coded in Java. It was that program that had failed (printer was out of paper and hence the software failed to load). Anyways, my point being, dont always bash windows, its not their fault for whatever software you put on the machine.

Bank ATMs do not run windows, as they run their own whatever-bank-OS-like-software. This is a pretty useless news post.

Neutral

zoara @ Feb 26th 2007 8:07AM

Not true. My local bank ATM runs Windows - I tried to get some cash out one day and the damned thing rebooted on me and stole my card. Natwest, in Mold, North Wales.

Neutral

D. @ Feb 26th 2007 7:46AM

Many ATMs are Windows based, everybody that had one crash on them can confirm that. I had several crash on me on various occasions. Once it happened when I was on holiday and it ate my CC. I was really lucky to have a second card at hand. It just shows how much the banks really care for their customers' data/card safety.

Neutral

strider_mt2k @ Feb 26th 2007 7:50AM

Whatever machine it is it could have been running Windows XP Embedded, although that flavor is supposed to be pretty robust.

My local bank still uses Windows 95, and it's a major bank. (Rhymes with Tommerce)

Neutral

Eric Glassman @ Feb 26th 2007 8:39AM

LMAO.

Neutral

Samuel McConnell @ Feb 26th 2007 9:35AM

Actually, at least on Diebold ATMs, the camera does indeed record 24/7.

Neutral

Fidelio @ Feb 26th 2007 10:02AM

Wow... if this really is an ATM, the company in charge of developing the software that runs over Windows doesn't know what they are doing. If the UI runs over Windows, there are ways to specify your shell to be that specific application and to restart the application in case it gets closed somehow. Also, if you use Windows embedded, you can specify the exact modules of the OS you want loaded on the machine, so there is no need to have Paint in there.

Definitely, an amateurs job (in regards of the original application running on that device).

Neutral

PDubNYC @ Feb 26th 2007 2:04PM

god you're slow. Try reading the reference post and see that it is a joke.

Neutral

Zeb @ Feb 26th 2007 12:03PM

Yes, this is definitely a movie ticket machine, not an ATM.

Interesting side note however, the automated check-out machines at all wal-mart stores use windows XP Pro, im pretty sure its embedded though.

And sometimes the machines that the cell phone salesbooths run on windows 2000 embedded.

We used to mess around on them when I worked there.

Neutral

Foof @ Feb 26th 2007 1:22PM

Lol, I know that one well. I've decided not to walk into the vestibule a few times because a homeless guy was standing inside (probably nothing to worry about of course, but man, it is supposed to be a bank).

I wonder if the flute-lady still sits outside playing.

Commerce bank is pretty sweet though - free Coinstars, open 7-days a week. Wish we had it back here in California!

Neutral

patsy @ Feb 26th 2007 2:11PM

Actually, it doesn't even always take much "hacking", sometimes a bit of chance is all that's needed. One time I went to my local AmSouth ATM inside a food court to withdraw some cash, the machine was sitting wide open booted to the Windows desktop, with a keyboard and mouse tray + mouse pulled out, and nobody in sight. The guy apparently went back to his truck for some reason, or perhaps took a potty break, without bothering to lock the thing back up. I was very tempted to launch Solitaire and leave it running to freak him out, but someone with more nefarious intentions could have fairly easily plugged in a USB Wifi dongle and launched a VNC server to get back in at their leisure. If I had taken a picture of the scene, I'm pretty sure I could have gotten the guy fired.

Neutral

ben @ Feb 26th 2007 2:35PM

This machine doesn't look like it prints reciepts, it would have slots for both cash and receipts if it was an ATM. I agree with the earlier post that this is probably an automated ticket seller at a movie theater, with that the ticket stub is the receipt.

Neutral