(Mis)Uses of Technology

by Mike Masnick

Filed Under:
atm, malware, security


Turns Out Diebold's ATMs Insecure As Well; Scammers Install Malware

from the what-a-surprise dept

Diebold is pretty well known for being in two separate, though similar, businesses: ATMs and e-voting machines. Its e-voting machines have always had a terrible reputation, with security flaws and bugs galore (the company recently has tried to hide from all the negative publicity by renaming the e-voting division as Premier Election Solutions). However, many people kept asking how the company could get so many things so wrong when it came to e-voting, but still get its ATMs working properly. Of course, as has been noted in the past, the way ATMs work is quite different, and mistakes are likely to be spotted quickly.

However, it's now coming out that Diebold's ATMs also have security problems. Slashdot alerts us to the news that Diebold has issued a patch after discovering that some scammers have been able to install "card sniffing" software on a variety of Diebold ATMs allowing the scammers to get all your card details. Is that Premier Banking Solutions I hear knocking?

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Anonymous Coward, 18 Mar 2009 @ 9:38pm

    It's really quite scary how many ATMs run Windows. Diebold certainly isn't alone in doing so, but being part of the herd is no excuse.

    reply to this | link to this | view in thread ]

  2. identicon
    Mark, 19 Mar 2009 @ 12:00am

    You'd think this outfit would wake up and wise up after all their troubles. They'd have been far ahead to hire someone with a Linux background to write some decent software for them.

    reply to this | link to this | view in thread ]

  3. identicon
    Paul Berry, 19 Mar 2009 @ 2:46am

    Not fit for purpose

    Never mind trying to fix what they've got, how they're actually still in business is a mystery. Surely regulatory, never mind economic, pressures would have an effect?

    reply to this | link to this | view in thread ]

  4. identicon
    EH, 19 Mar 2009 @ 4:08am


    If you have physical access to the boxes, as these people did, it doesn't matter *what* OS you have. This is not a software issue, it is a combination of hardware and wetware.

    reply to this | link to this | view in thread ]

  5. identicon
    ChuckE, 19 Mar 2009 @ 4:33am


    I worked on Diebold ATM's for over 8 years for A VERY large National Bank. The DieBolds would hardly ever balance. We had 20 year old IBM ATM that would always balance NCR ATM that not onle always balanced nut only needed maintenance about once a quarter. Brand new Diebolds needed daily maintenance. The Bank eventually replaced all the IBM's and NCR's with DieBolds. Why..... The company is crooked and bribes to fellow exec's go a long way.

    Know your DieBold voting machines will never be safe or accurate. But Officials will continue to buy them... and get rich!

    reply to this | link to this | view in thread ]

  6. identicon
    Diebold, 19 Mar 2009 @ 7:44am

    Re: Linux?

    At least one reader on here isn't a complete dumbass jumping on the "Diebold Sucks" bandwagon. 90% of these idiots didn't even know Diebold made ATMs.

    reply to this | link to this | view in thread ]

  7. identicon
    linlu, 19 Mar 2009 @ 9:37am

    Awaiting list of banks that bought these

    I would love to see a list of banks that use these on wikileaks, wouldn't you?

    reply to this | link to this | view in thread ]

  8. icon
    Doug (profile), 19 Mar 2009 @ 10:01am

    The whole story

    The thieves had physical access to the machines. Why is that not mentioned in your "down with Diebold" article?

    reply to this | link to this | view in thread ]

  9. identicon
    ha, this time you're actually wrong..., 19 Mar 2009 @ 3:15pm

    Re: Linux?

    If I lock the BIOS of my machine, as well as the recovery terminal, and start not as root, damn good luck changing anything without the root password... Naturally, the disk must be encrypted as well - but with all those, either the encryption of the password must be cracked to change things. That's way beyond the ability of typical criminals...

    reply to this | link to this | view in thread ]

  10. identicon
    Malware, 3 Feb 2010 @ 7:53am

    Wouldn't the ability to author malware for an ATM hinge on the authors having access to the OS running on the machine? If so, how the heck are they getting their hands on that? I mean, clearly this is not just Windows code, this is sophisticated thievery going on here.

    reply to this | link to this | view in thread ]

  11. identicon
    Diebold does suck..., 11 Mar 2010 @ 10:34am

    If they didn't have issues...then why did they develop this?

    reply to this | link to this | view in thread ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.