DEF CON 32 - Where’s the Money-Defeating ATM Disk Encryption - Matt Burch
HTML-код
- Опубликовано: 16 окт 2024
- Holding upwards of $400,000, ATMs continue to be a target of opportunity and have seen over a 600% increase in crime in just the last few years. During this time, I led security research with another colleague into the enterprise ATM industry resulting in the discovery of 6 zero-day vulnerabilities affecting Diebold Nixdorf’s Vynamic Security Suite (VSS), the most prolific ATM security solution in the market. 10 minutes or less is all that a malicious actor would need to gain full control of any system running VSS via offline code injection and decryption of the primary Windows OS. Diebold Nixdorf is one of three major North American enterprise class ATM manufacturers with a global presence in the financial, casino/gaming, and point-of-sale markets. Similar attack surfaces are currently being used in the wild and impact millions of systems across the globe. Furthermore, VSS is known to be present throughout the US gaming industry, including most of the ATM/cash-out systems across Vegas.
In this session, I will publicly disclose this research, review the discovery process, and dive into the technical intricacies of each vulnerability. The Full Disk Encryption module of VSS conducts a complex integrity validation process to ensure a trusted system state, performed as a layered approach during system initialization. Examination of the workflow will highlight various deficiencies that I will demonstrate through PoC exploitation.
Each vulnerability presented in this session has been observed to have a recursive impact across all major versions of VSS and represents a systemic ongoing risk. We will explore the root-cause, vendor remediation steps, and short-comings thereof - perpetuating the attack narrative. In conclusion, proper mitigation techniques and procedures will be covered, providing valuable insights into defending against potential compromise.
Loved this talk
So sick!!!
I hope they paid the researchers a fat bounty on this one!
By the forth cve we need yo stop being surprised...... until he just chmod -x the executable
no jackpot?
We get it.... windows sucks
The echo in this audio is giving me a headache
Any binary we want wooo!! Accept for its been fixed. Nice
huh, what, were you expecting him to show us a secret handshake and then we each race back from the conference hall to the casino and we get money too0ol!!!!
hacking, free money, clout, smarter than the whole world, .... fucking criiiiiiinge
Lol