Virginia grocery store home to least secure ATM weve ever seen

first_imgScammers have gotten pretty good at hiding their insidious ATM modifications. They can be nearly invisible sometimes. On this machine, however, the danger is painfully obvious.These pictures were submitted to security researcher Brian Krebs by one of his readers. It’s an ATM that sits out in the lobby of a small grocery store in Northern Virginia, and it looks like whoever was responsible for getting it connected to the Internet left in a big hurry.Little standalone ATMs like this are exposed enough when they’re installed properly. This one is blowing an airhorn and waving a giant flag that says “hack me” in big, fluorescent letters.That black box sitting on top is an antenna which the machine relies on for its wireless Internet connection. Underneath is a Cisco router, which was presumably installed to add a layer of security to the installation.If that’s really why it’s there, though, you’d think it wouldn’t have just been plopped on top of the machine. You’d also think that there wouldn’t be three additional LAN ports sitting there, exposed, just waiting for someone to come along and plug a laptop in. Here, take a look:You can see the open ports right next to the red network cable that runs down to the ATM. But wait, what’s that flat, powder blue cable next to it? Why, that’s the console cable that Cisco shipped with this router. It’s super useful because it lets you reprogram the box even when something prevents you from doing it with a web browser (say, like a semi-competent admin).To make things worse, Krebs’ reader didn’t even notice any security cameras covering the lobby. Would it be that hard for someone to stroll on up and stealthily plug in a device? Nope. So do yourselves  a favor, fellow geeks. If you need to withdraw money from an ATM and you see something like this… just keep walking.last_img read more