Two Canadian kids have made a mockery of bank security by hacking
into an automatic teller machine during a break between classes.
The
14 year old duo Caleb Turon and Matthew Hewlett broke into a Bank of
Montreal ATM during school lunch by following an online manual for
accessing the machine's administrator functions.
The security charade continued when the pair, after being asked by
the bank's head of security for proof of their hack, simply broke back
into the machine and printed off information including transaction data,
surcharge profits and the total cash held in the unit.
Turon and
Hewlett gained access to that data by guessing the administrator
password on their first attempt, indicating the ATM had default settings
enabled.
The rascals took it upon themselves to perform a civic
duty by dropping the surcharge for transactions to one cent and changing
the welcome display screen to: "Go away. This ATM has been hacked".
Hewlett told the Winnipeg Sun they did not expect the hack to work.
"We thought it would be fun to try it, but we were not expecting it to work," he said.
The bank wrote the pair a lunch late note excusing them as they were "assisting BMO with security".
The
kids may have discovered one of a handful of websites that contained
very detailed documentation explaining how to access administrative
functions of ATMs.
Those forums existed ostensibly to help service
people to access a variety of ATM makes and models but could be used by
criminals (or apparently children) to break into the units.
The bank said customer information was not compromised and it would review security of its ATMs.
No comments:
Post a Comment