>> So yeah, you guys all showed up for, basically, us setting up the AV stuff pretty quick, and yeah, this is next-gen hacking ATMs. So I'm going to jackpot this little baby; it has fifty thousand dollars in it, so it should be shooting all over the floor in a little bit. And yeah, so I'm a senior engineer, been doing pen testing for 11 years. I speak a lot, spoke a lot at DEF CON; this is my third year in a row at DEF CON. Just love the conventions, love meeting the people. And I've spoken at HOPE, TakeDownCon, tons of other events. And I did a lot of reverse engineering; I'm doing a talk later this week in the Demo Labs on some software that actually makes computers immune to ransomware, so I don't only do terrible things to ATMs, I also try to make protections too. And I do a lot of hotel hacking; that's going to be on, also later this week, on Sunday. If you want to make sure your talk's on the last day of the week, make sure you do it on hacking hotels, so [laughter].

And yeah, safety first: I drove an ATM machine about 1,900 miles from Bismarck, North Dakota to Las Vegas, Nevada, and once again I had an ATM machine and a bunch of skimmers, shimmers, everything you can imagine. So that was one of the things I took, safety first, and actually didn't push the firmware on the devices until I actually got to my hotel room at Mandalay Bay, but that's Black Hat and also, so that's something where I like to take a little bit more safety precautions just when you're moving those things, because I noticed in the past a lot of people have accidentally forgotten them in airplanes or had their vehicles broken into, so just a little bit more diligence. And yeah, I thought that was kind of neat; I wish that many more people would do that, because some of these things, they fall into the wrong hands, and it's kind of scary to imagine what people do with them.

So, and yeah, I'm going over the actual attacks on EMV; some of them are standards-based, some of the things are things that weren't fixed in the past from some of the talks previously, so hopefully you guys have a little bit of understanding at least about the chip and PIN cards. If you bank somewhere and they still have the mag stripes, I would maybe take a consideration into changing that. And yeah, they are working through a lot of the card stock, so everything in the United States is going to chip and PIN here pretty soon, so they have the next liability shift that's coming up in 2017, and that's what makes this a next-gen talk. I actually converted this ATM machine over to EMV, which I'll go into a little bit of detail on here. So, a tour of the actual distribution system: I have an actual blockchain design that I imagined that actually makes it possible; you know, it's not actually enabling people, but it shows the capabilities of the extent that the bad guys are actually gonna go to when they actually start trying to sell these transactions, because of the static data; everybody's seen the carder forums and things. We'll get into greater detail later about that.

So, let's look at the communication backend, what the actual banking portion is running on, things like that. I'm going to introduce you to La-Cara, which is the automated cash-out [mumble] method, and I'm gonna go over the demo, which is going into great detail; it's actually gonna just jackpot on stage. So yeah, basically, what is EMV? It was integrated in the early eighties in France, and that's your MasterCard, Visa, and it's the little chip and PIN cards; EMVCo is the one that actually monitored the standards for those. So yeah, it replaces the mag stripe card, which has been around since the nineteen forties, so it's a little old; it could have participated in World War Two, so it's pretty old. A liability shift, actually on gas pumps, which is the bad guys' favorite shimming and skimming spot, is actually going to be coming up here in 2017 for gas pumps and point-of-sale systems for the gas pump and ATM machines. That's why I had this talk: I'd like to give the good guys a little bit of time to actually fix some of these issues before they're actually used in the wild. As soon as the mag stripe data's cut off, they're gonna have about forty dollars of value.

So what actually led me to this research is I have a ton of scripts that I have running online, and they're actually monitoring BIN numbers and some of the bank identification numbers that are for sale, so if there's a larger breach in, say for example, like Bismarck, North Dakota or something like that, it will show that there's high validity or there are a lot of cards for sale in the North Dakota area, which I'll show you. This is kind of how they offer them now. It was one of the biggest breakthroughs that happened in carding history in the last little bit, pretty much over the last 4 or 5 years: people have been able to literally filter by your area code. Like, I live in Bismarck, North Dakota, and these are all credit card transactions that wouldn't raise any suspicion if I was the bad guy. So that's like one of the bigger things that hit; this is how it evolved. Like before, you know, you didn't know if you're buying an Austin, Texas credit card, or the bad guy didn't, nobody knew if he was buying a bad credit card, so it would get flagged for suspicion. So I actually took kind of an approach on what I imagined some of the next generation sales methods to be and how people would actually be able to sell EMV transactions, and some of the RFID and
actually the old classic track one, two and three data. And as you guys probably have seen, they have professionally made shimmers out there now; like, a lot of them actually have serial numbers and stuff on them, so they are actually being produced. And that's something that, oh yeah, this is pretty much gonna take a little bit of a glimpse into what I imagined future carder sites would look like, being able to sell EMV transactions, which aren't static data, so they're not something where you can buy it and use it in a week and a half; it's literally, as you'll see on the next page here, it's actually the carder site of the future, so it actually comes complete with spelling errors. And yeah, you can basically just pick which FEMA region you're gonna be in, and if it's going to be the automated portion you can push them into additional commands, and the actual time zone. It's going to go into setting the fraud SMS system, so that's something where you can, say for example, from the cash-out ATM, if people want to block the SMS messaging and things like that, because some of the banks will send the confirm messages and stuff like that, so there's a lot of actual attack surface that people can do with these. And you can basically put in two passwords, and I'll go into a little bit of detail on what those actually do later on in this transaction. And yeah, I trust that this will make a lot more sense once I actually get to the blockchain.

So yeah, you're basically not buying static data anymore; you're buying access, or the bad guys are actually buying access, to a network of shimmed devices, and those devices are passing the information off to the cash-out ATM. So here's how it works, actually: so that person that was going to the bad partner sites, Mr. Bad Guy, comes onto the page, picks which minute he's gonna be standing at that ATM, and they ask him to select the time zone he was in and some other things, and with one of those two passwords that he did, it will be able to put in a limited character where we'll be able to pick out where that transaction is, so that you're getting blockchained in every single fraudulent transaction that is going on in this shimmed network. I have, there's like 150,000 bank accounts that are simulated on this backend, and then there's a credit processor portion where all the fraud flags are held and things, so it will actually go through the transactions here in a little bit. So this is actually going to pass off into the blockchain pretty much all the 35 devices that are feeding this ATM machine. So since the 27th of last month I've actually had a lot of transactions going on, so there's little sims that are basically doing purchases and it's learning what a natural environment looks like. And actually, the initial time that I ran it, it shut down after seven transactions because I only had a hundred fifty accounts, so it actually has the fraud flags in place to actually shut it down.

So basically, after you put the password in, it's actually going to go into giving you the character information you need to initiate the tunnel for the fraudulent backend, so when the bad guys are connecting they actually get DES keys that allow them to actually talk to the entire fraud backend. And this is, yeah, this is the first time that they'd be able to monetize this in a live scenario. And the information received: so they get the tunnel information first, so they are connecting to the tunnel and authenticating to the fraud network pretty much the same way that the ATM's DES keys talk to the gateway processor that talks to the banking backends. Without the DES keys this ATM cannot talk to my gateway processor network that I've set up, and then also the banking backend or any of the bank accounts. So that's something where your basic information is going to go to the info type, quality of the actual skim device; so if it's one of the more trusted sources, more people paid more, they'll get more preferential treatment on the actual blockchain. So yeah, so basically, other than that, you're gonna get tunnel ID information, then you're gonna get PIN information, and this device is actually automatically putting in PIN information, which is one of the last ways that it's actually possible to jackpot. Additionally, because, um, Barnaby Jack was doing some great research; he made it a lot easier for people like me to be able to present flaws in ATMs and things like that without being arrested or questioned by law enforcement. That's something where, you know, a lot of the front-runners on this, it's actually a hardware attack, where they'd actually check the firmware and just tell it to spit the actual money out, so that's something where this is a little bit different research. And yeah, so basically as you can see, the connection information is before your actual transaction in the blockchain.

So what kind of information can be sold on these carder sites? So basically static magnetic data and track 1, 2 & 3 data; that's the classic data that's being sold right now. There's EMV DDA, which is the dynamic data authentication, which are some of the newer cards. If you got like one of the cards like three years ago, four years ago, some of those have a lot more static information on them, and some of the newer card stock that banks are going through are these two new transactions. So some of the issues that were spoken of in the past were actually fixed a little bit, and some of them are still available, so some of the newer cards are still susceptible to these attacks. And there will be some RFID stuff, so not the RFID in the sense of like Apple Pay and Google Pay; it's actually the tap card where you can click them and stuff like that, so some of those would be able to be sold on a fraudulent network. And yeah, actually this device will, if they're not, I put a couple cards in and then I removed them for demo purposes that were like specifically only for food or things like that, so it will reject cards onto the network that are just set for flags that say it can only be used for food or gas. And aside from the card actually being passed off, it will also pass off the PIN and the ATM limit, and that's one of the things that, while I was going around some of those carder sites I was on, collecting all the research, there's lots of PANs; they're collecting the actual PAN information, so the account numbers, and the BINs, which are the bank identification numbers. They're collecting the amounts that are most likely their point-of-sale limits and then some of their ATM transactions, so it's something where they were looking to see how much of these actual accounts they could get out of them so they know what to mark them up to. But it's also, anytime that they would
compromise a card using a Lebanese loop, or there's other devices where they would get them stuck in the ATM, come back for them, they're most likely, you know, taking these cards and looking at the actual flag detail. So they're collecting all this information from the banking networks, and that's what led me to believe that eventually they're gonna be going after EMV transactions; but why would they do it now, because they have all this low-hanging fruit of all this magnetic card data.

So anyway, here's in a nutshell what is happening: you have multiple shimmed devices and they're passing off to one device. So this doesn't have to be a huge blockchain; that was the method that I saw is where bad guys would be able to monetize this again, and it's because of some of the latency that has been introduced into the actual process. There's limitations with, especially, the backbone for fiber in the United States. There are some methods where they could actually be able to do online processing all the time, and some of the weaknesses that are in these actual protocols that were exploited won't be able to be fully turned on for a couple years due to limitations on actual communication networks. But basically think of it as, you know, if one bad guy actually poisoned four ATMs or point-of-sale systems, they'd be able to relay those EMV transactions into the actual ATM.

So and here's the most likely method that the data gets sold. So basically you have least gear, so there's people that would be mules for these organizations, and it would be, you know, installing these shimmers, driving across the United States; and then you have the fraudulent employees, pretty much the same methods that are used now; you have the independent small breaches, things like that, where they're fed into a small carder site, and those were the ones where, the smaller organizations where people are actually able, you know, there's like a five-person crew going around the United States, you know, cashing out that way; and when they have unused transactions they're actually able to pop them into the main carder site. So that's kind of the same way it works now, except they're able to do it with these live EMV transactions, and like I was saying, it can't be held as static data; it needs to be used within a certain timeframe and it needs to match some of the flags that are coming over the top of it for when the transaction is actually initiated.

So yeah, and so basically this is what happens: some people ask me if it's actually cloning the card; it's actually not. What it is, is it's basically intercepting after a certain portion; initially it's just using the actual power from the point-of-sale system, and after that point, once it gets the transaction actually started, which I'll go through the actual process, then we'll get into the actual mechanics behind this and the actual numbers. So basically that holds for round two. Once it's started the initial process, it uses the power to power the skimmer or the shimmer and the actual wireless into the device. So the actual stage one transaction, once it's passed off to the ATM machine: they just did the $38 point-of-sale transaction, and the $1,500 ATM withdrawal happened without them even being the wiser, and they didn't touch each other's limits because there's point-of-sale and ATM. And like I said, this is not cloning the card, and there are four stages of the EMV transaction; it's being released into the tunnel, and literally imagine it as an extension to the actual ATM. So the cash-out capture device basically regurgitates the exact same information that is sent from the skimmed point-of-sale system. And I will go into a little bit more detail about some of the ways to actually capture PINs; you guys have seen a lot of them in the wild, for example there's PIN overlays; I have a new one that's actually coming pretty soon too. And the actual point-of-sale limit is shimmed, and that won't count once again against the ATM limit, so they actually have different processor portions that they're talking to about authentication, with a little bit harder to catch some of these transactions also.

And here's a little bit of pictures of some of the skimmers and shimmers that were caught in the wild. The one on the left actually was used for some downgrade attacks for some banks that improperly integrated EMV, and some of the other ones are some of the phone parts and things like that that I actually used to build some of the shimmers that I was actually doing for a proof of concept. So the idea is your general point-of-sale system, and, you know, cash-out device standalone. So yeah, this is meant to be like an auto-service ATM; it's supposed to be something that you normally wouldn't want to fly out everywhere on the street, but it's something where you would want to, you know, catch it and have it doing after hours, if you're a bad person of course. And it's something that the original concept that I had was just like a huge face shell on the actual ATM and it would catch all the money and stuff, but it's much better if it's just flying out of the bottom. So yeah, and I'm going to the actual cash-out standalone; this is something that people were wondering about because there is foreign object detection on a lot of the new ones, and there are several ways to actually deactivate a lot of that stuff, and some of the newer devices inside the next generation ATMs, so that's something that we'll go into a little more detail here.

And basically this is like the standalone device: you just literally, a cellphone, or the bad guy only needs a cellphone and a credit card that can impersonate some of the other EMV transactions. So basically once this device is actually plugged into the machine, it will start replicating a lot of the information that they're getting from their blockchain, so pretty much all they need is a wireless internet connection and an ATM that accepts EMV transactions. So I'm going to introduce La-Cara, which is roughly translated "the face", so that everything sounds more menacing in Spanish, doesn't it? [chuckle] But yeah, you know, why would somebody want to automate something like this? Yeah, people are untrustable. As you can see here, this is off of a couple guys' Twitter feeds that got busted; they're doing a cash-out run. Yeah, that's not conspicuous at all. [chuckle] Yeah, so the cash-out crews, they brag about it on social media; you have one busted, humans get busted and rat out, and machines usually don't have Twitter accounts; that's like one of the most positive things for the bad guys. And I wanted to go with the DEF CON theme this year, which was Rise of the Machines; like, immediately after Jeff told everybody what the theme was for the next year, I was like, I'm gonna make an ATM machine that can do its own, like, fraud;
will be a beautiful thing so [laugh] 00:16:47.773,00:16:50.943 okay and yeah so it's going along with a theme like I was 00:16:50.943,00:16:53.312 saying there is the standalone which was more practical and 00:16:53.312,00:16:57.450 what I actually imagine the bad guys using the wild so and 00:16:57.450,00:17:00.653 la'kara does have its own Twitter account actually so 00:17:00.653,00:17:02.889 [chuckle] and I was actually gonna broadcast the the uh uh 00:17:02.889,00:17:05.625 stimulated and emulated uh uh banking backend transaction data 00:17:05.625,00:17:09.395 I didn't have time to set all that up and I doubt that anyone 00:17:09.395,00:17:11.731 watched to watch a bunch of numbers fly across Twitter when 00:17:11.731,00:17:14.400 I thought about it in hindsight so but yeah which I was shown a 00:17:14.400,00:17:17.770 lot of how the staging works and uh how what will happen if like 00:17:17.770,00:17:20.506 two transactions or kicked into the blockchain how they take 00:17:20.506,00:17:25.378 priority and a lot of information so so yeah that guy 00:17:25.378,00:17:28.281 smiling like a child inside the reflection of that ATM screen is 00:17:28.281,00:17:31.884 me that's the last year after defcon i actually bought an ATM 00:17:31.884,00:17:34.887 machine started doing some research and everybody asks me 00:17:34.887,00:17:38.991 including the press person who violently ripped the [chuckle] 00:17:38.991,00:17:41.694 car off their what's behind there and it's actually two 00:17:41.694,00:17:45.965 Arduinos controlled by Raspberry Pi controlled by an android so 00:17:45.965,00:17:48.100 there's a lot of computer components and it's a basically 00:17:48.100,00:17:51.804 what your servos uh that are entering the uh transaction 00:17:51.804,00:17:54.840 amount so it'll say how much money it wants to take out it'll 00:17:54.840,00:17:58.644 actually enter the pin number it will accept it will say no 00:17:58.644,00:18:02.014 receipt and then we'll go on to the next 
transaction so there's 00:18:02.014,00:18:04.717 a bunch of little baby robot fingers inside there just 00:18:04.717,00:18:08.454 pushing buttons and making money come out and the actual card is 00:18:08.454,00:18:10.423 actually plugged into the Raspberry Pi and that is all the 00:18:10.423,00:18:14.327 modulation and the actual data processing for the card so 00:18:14.327,00:18:17.196 that's how the actual EMV card when he gets impersonated and 00:18:17.196,00:18:19.899 needed something that's a little more beefy than Arduino but as 00:18:19.899,00:18:23.536 far as for controlling the robot fingers that was pretty much 00:18:23.536,00:18:27.039 what it came down to so and so this could be a removable device 00:18:27.039,00:18:29.442 like where if somebody didn't want to like uh I was saying 00:18:29.442,00:18:32.678 they would most likely want to make it something that pops on 00:18:32.678,00:18:36.282 quick that uh yeah it's not made out of fiberglass in and I'm 00:18:36.282,00:18:40.152 actually from the process of how yeah for some reason you know 00:18:40.152,00:18:42.655 you send I have a couple buddies I do 3d printing and you start 00:18:42.655,00:18:45.858 sending them ATM parts and they could answer your emails 00:18:45.858,00:18:48.861 [chuckle] so okay so that's something we're pretty much I 00:18:48.861,00:18:51.564 was like okay I'm gonna do this the good old-fashioned way you 00:18:51.564,00:18:54.033 know like I used to do auto restoration and I was little how 00:18:54.033,00:18:57.470 hard could this be so yeah basically a covered in plastic 00:18:57.470,00:19:00.539 made a buck mold and plug mold then I uh just put the new 00:19:00.539,00:19:03.476 fiberglass uh you know the fiberglass on the front of it 00:19:03.476,00:19:07.279 and yeah this is actually nasty ATM is the name of that uh color 00:19:07.279,00:19:09.915 of grey so uh [chuckle] it could've been a little bit 00:19:09.915,00:19:11.751 closer match but yeah you get the gist of it it's 
an 00:19:11.751,00:19:14.620 out-of-service ATM and when rising suspicion my actual 00:19:14.620,00:19:19.125 branch ATM the bank that I work [er] the bank I don't work for 00:19:19.125,00:19:22.361 Rapid7 but the bank that actually bank at their ATM's 00:19:22.361,00:19:24.964 down for two days and I was the first person to tell them so 00:19:24.964,00:19:27.033 it's not something we're out of service ATM will rise any 00:19:27.033,00:19:32.271 suspicions so this is uh yeah so basically uh it's a Swiss Army 00:19:32.271,00:19:34.240 knife so this was one of the first keypad that actually 00:19:34.240,00:19:37.710 started training my Arduino system on so and uh yeah then I 00:19:37.710,00:19:39.845 started um working into some of the more advanced methods like 00:19:39.845,00:19:42.682 some of the things that aren't even out yet and will only be 00:19:42.682,00:19:44.784 integrated once the United States finally catches up to a 00:19:44.784,00:19:46.852 lot of other countries they will be able to turn on a lot of 00:19:46.852,00:19:49.388 these mechanisms because I didn't want to just inject 00:19:49.388,00:19:52.925 magnetic card data using like uh mac spoofer like Sammy camper 00:19:52.925,00:19:55.294 has like that's an amazing device and uh that man is a 00:19:55.294,00:19:58.097 brilliant genius I want to give him props for I do use mac 00:19:58.097,00:20:01.567 spoofer on this one and several other ones so yeah oh so 00:20:01.567,00:20:04.603 [chuckle] and there's one of the corner they're basically a 00:20:04.603,00:20:06.605 little thing that can speak to the magnetic heads in the 00:20:06.605,00:20:09.442 readers but it's very very cool uh video to watch you guys 00:20:09.442,00:20:12.611 haven't seen yet so basically uh I when I start one of the other 00:20:12.611,00:20:16.015 devices started out with uh just to see if this is uh possible 00:20:16.015,00:20:18.017 you know because it's one thing if it's a theory and it's 00:20:18.017,00:20:20.586 another 
thing we can actually do it and it's another thing when 00:20:20.586,00:20:23.322 you're able to do it wirelessly in a room that's another thing 00:20:23.322,00:20:26.459 when you can bounce it off of VPS up in Toronto so like that 00:20:26.459,00:20:29.595 kind of latency compared to you know what's in a room and what's 00:20:29.595,00:20:32.064 actually allowed by the standards um they actually you 00:20:32.064,00:20:36.335 know a plan for a lot of that stuff to actually stopped so but 00:20:36.335,00:20:38.637 yeah I'll building your own thinking back and so that's a 00:20:38.637,00:20:40.740 lot of the actual systems like I was saying that there's been 00:20:40.740,00:20:44.577 since the uh because its 17 through the 27th last month I've 00:20:44.577,00:20:46.846 been doing a lot of these transactions and they're 00:20:46.846,00:20:49.615 actually doing EMV transactions EMV on like I said there's 15 00:20:49.615,00:20:54.553 bank financial institutions and it's over uh uh 150,000 uh bank 00:20:54.553,00:20:58.758 accounts so those all are signed with uh cardstock um and they 00:20:58.758,00:21:01.894 actually have like a physical attachment to them so anytime 00:21:01.894,00:21:05.397 that card is uh simulated into the reader it's gonna check with 00:21:05.397,00:21:07.933 the bank the exact same the real networks would it's going to 00:21:07.933,00:21:10.803 flag it for fraud if I had like I was saying when I had a 00:21:10.803,00:21:13.973 hundred fifty accounts after seven accounts I got a flag for 00:21:13.973,00:21:17.009 fraud because unusual suspicion and it was some of the natural 00:21:17.009,00:21:19.211 settings on the banking network but now that I have a hundred 00:21:19.211,00:21:22.548 fifty thousand accounts it's uh open up to a lot more attacks uh 00:21:22.548,00:21:26.218 since I was gonna be doing several demos so and each like 00:21:26.218,00:21:28.087 I'm saying each one of these is uh this this is signed with 00:21:28.087,00:21:31.557 
DES keys so say for example I get flagged for fraud this will take 00:21:31.557,00:21:33.826 me off of my uh gateway processor and we'll be able to 00:21:33.826,00:21:37.663 talk to my bank accounts so I will end the demo so [laughter] 00:21:37.663,00:21:39.465 and I wanted to make it a little more real world because I just 00:21:39.465,00:21:43.235 didn't want to you know be like us a bad simulation like this 00:21:43.235,00:21:46.172 one actually has some of the field uh information we can 00:21:46.172,00:21:49.408 actually offset some of the flags and uh yeah it uh 00:21:49.408,00:21:51.210 initiates the risk just like it would with any other 00:21:51.210,00:21:56.849 transactions and uh the skimmer is uh generated its it's 00:21:56.849,00:22:01.020 generating everything signing on with so and yeah so here's the 00:22:01.020,00:22:04.290 EMV transactions so uh and this is in a nutshell this is not and 00:22:04.290,00:22:06.525 literally took fourteen hundred and thirty eight pages for me to 00:22:06.525,00:22:10.529 fully understand it so this is up my two PowerPoint 00:22:10.529,00:22:13.732 presentation example of that so it's basically going to be uh 00:22:13.732,00:22:15.868 the card is read by a point-of-sale terminal talk to 00:22:15.868,00:22:18.704 the acquirer which talks to the bank and that's uh vali- 00:22:18.704,00:22:20.539 validating that the card's legitimate and that the bank 00:22:20.539,00:22:22.942 accounts are legitimate and that the device the point-of-sale 00:22:22.942,00:22:25.411 system or the actual ATM system is actually allowed on the 00:22:25.411,00:22:28.180 network so that all that process is going on in the actual 00:22:28.180,00:22:32.418 transaction and basically step two is when this uh actual 00:22:32.418,00:22:35.020 attack happens it gets passed off to as you can see in that 00:22:35.020,00:22:37.423 little green area there it's actually getting passed off to 00:22:37.423,00:22:41.594 the uh ATM machine here so uh imagine
there uh should be 00:22:41.594,00:22:44.496 technically about 3.1 transactions getting shot at 00:22:44.496,00:22:47.366 this ATM uh every time because of the size of the network and 00:22:47.366,00:22:49.602 the blockchain it is the only cash out device on the 00:22:49.602,00:22:52.538 blockchain so it takes priority and it should be uh getting 00:22:52.538,00:22:56.075 non-stop transactions after I pop on the actual uh la'kara 00:22:56.075,00:23:00.779 system so and yeah uh how would you capture the PIN you have the 00:23:00.779,00:23:03.382 chip it's like one thing that's half the battle I was looking 00:23:03.382,00:23:06.118 into some of the uh actual features uh from the next 00:23:06.118,00:23:08.554 generation ATMs and uh they can actually change the PIN on the 00:23:08.554,00:23:13.125 fly us and some of them are on entry unencoded are actually 00:23:13.125,00:23:16.395 unencrypted so there's uh the peppet methods of the past 00:23:16.395,00:23:18.764 there's the pinhole cameras that have been around for literally 00:23:18.764,00:23:21.934 probably 12 or 13 years uh there's the PIN overlays to be 00:23:21.934,00:23:26.138 able to automate that kind of the same way uh as um the actual 00:23:26.138,00:23:29.608 version that I've simulating the actual PIN numbers here is uh 00:23:29.608,00:23:33.646 based on OpenCV which will go into in the second here so an 00:23:33.646,00:23:36.048 unencrypted PIN traces so it's actually reading straight 00:23:36.048,00:23:40.919 mechanical data will be able to grab that way also and uh this 00:23:40.919,00:23:43.022 is actually the method that I came up with because I was like 00:23:43.022,00:23:47.493 I want a way to 100% automate it so I actually got a keypad a 00:23:47.493,00:23:50.963 nice sprite sprayed some 3M glue on it then put a bunch of iron 00:23:50.963,00:23:53.599 oxide like very small pieces of metal because I wanted to be 00:23:53.599,00:23:56.135 able to get past the foreign object detection you know in
00:23:56.135,00:23:59.672 this simulation so that's something with a little radio on 00:23:59.672,00:24:01.707 the bottom of it and went through the actual key cycles 00:24:01.707,00:24:04.610 and it uh actually basically has a different peak for each one of 00:24:04.610,00:24:07.513 the keys through in OpenCV and now it's watching for those 00:24:07.513,00:24:11.116 peaks and uh depending on the actual peak and the pitch on the 00:24:11.116,00:24:13.852 peaks it will actually uh tell you basically what what key was 00:24:13.852,00:24:16.989 pushed so that was kind of like you know in addition to some of 00:24:16.989,00:24:19.558 the overlays which would be automatable uh it was something 00:24:19.558,00:24:22.094 else that I kind of wanted to yeah go into other ways of PIN 00:24:22.094,00:24:25.531 capturing so that one was one hadn't seen before and I loved 00:24:25.531,00:24:26.865 playing with software-defined radios I got an Edisen 210 at 00:24:26.865,00:24:28.200 the beginning like right around Christmas time and I felt like 00:24:28.200,00:24:29.568 an eleven-year-old again so if you guys aren't playing with 00:24:29.568,00:24:33.372 software-defined radios you definitely should be so 00:24:33.372,00:24:38.377 amazingly fun so idea so aside from probing of the networks 00:24:41.213,00:24:43.816 they're actually gonna go into uh the actual network and card 00:24:43.816,00:24:46.318 settings um they're looking at what the like I said they're 00:24:46.318,00:24:49.021 collecting tons of data they're sitting out there cloud the bad 00:24:49.021,00:24:51.423 guys are actually collecting you know what that what flags are 00:24:51.423,00:24:54.626 set like what uh you know what uh limitations for poor 00:24:54.626,00:24:56.995 countries like what the actual attack surface nobody wants the 00:24:56.995,00:25:00.366 actual mag masturbated data dries up so this is kind of a 00:25:00.366,00:25:04.036 direction that I saw the uh bad guys going with this soon and
00:25:04.036,00:25:08.807 branch ATMs versus uh on that on-network ATMs anybody's ever 00:25:08.807,00:25:11.343 you know try to get five dollars and had to do it in two 00:25:11.343,00:25:13.912 transactions that's an off network ATM they like to uh get 00:25:13.912,00:25:16.849 some extra fees it's just a little bit more risky so they 00:25:16.849,00:25:20.419 break uh them down into several transactions and the on Grant 00:25:20.419,00:25:23.222 ones are like the actual ones that are inside of the actual 00:25:23.222,00:25:25.591 banks and stuff like that and I've you know personally I think 00:25:25.591,00:25:28.160 of taking out like you want to adjust your point-of-sale limit 00:25:28.160,00:25:29.995 but you can take up to like two to three thousand dollars at the 00:25:29.995,00:25:33.699 time from some of them depending on your years with your bank and 00:25:33.699,00:25:35.734 things like that but somebody off branch ones are obviously 00:25:35.734,00:25:38.804 not the ones that would be attacked so and also this uh 00:25:38.804,00:25:41.306 that was one of the first things after I bought my ATM is 00:25:41.306,00:25:45.043 actually converted it uh to EMV so that uh is one of the only 00:25:45.043,00:25:48.847 modifications done to the uh actual circuit board is it has 00:25:48.847,00:25:51.517 the more advanced firmware that can handle the EMV compared to 00:25:51.517,00:25:55.621 the actual credit cards so and yeah the Chinese and Japanese 00:25:55.621,00:25:59.024 ATMs have they literally have like ten thousand dollar limits 00:25:59.024,00:26:02.294 in some cases so there are uh I think I don't remember what the 00:26:02.294,00:26:05.764 actual number was but I was several hundred that uh across 00:26:05.764,00:26:08.967 the world that has actually a ten-thousand-dollar plus limits 00:26:08.967,00:26:12.805 so their unlimited portions but most of them were in Japan and 00:26:12.805,00:26:16.608 China and yeah uh so 2017 is coming um around shipping a
00:26:16.608,00:26:19.044 point-of-sale systems obviously they're going to go for things 00:26:19.044,00:26:21.847 that don't have a lot of the foreign object detection that's 00:26:21.847,00:26:25.150 something that oh yeah it will put an end to a lot of that so 00:26:25.150,00:26:28.954 habit of putting EMV in early what's a like if it doesn't have 00:26:28.954,00:26:31.490 that piece of paper that it whatever they put on it like you 00:26:31.490,00:26:34.660 know don't stick card and no trip or whatever like we put our 00:26:34.660,00:26:37.596 card in there and it literally takes almost an eternity is what 00:26:37.596,00:26:40.332 it feels like so that's one of the things where we wanted to be 00:26:40.332,00:26:43.635 un-interrupted and uh yeah you can basically take your 00:26:43.635,00:26:47.072 point-of-sale limits and uh yeah if it's gonna be one of their 00:26:47.072,00:26:49.775 favorite things to actually most likely to do the same way that 00:26:49.775,00:26:52.110 they do now like a majority of the actual cards that were 00:26:52.110,00:26:58.917 skimmed are from the actual uh gas pumps so yeah I just like to 00:26:58.917,00:27:01.153 give special thanks before I kick off the demo and then I 00:27:01.153,00:27:04.323 will uh answer some questions if anybody has questions which we 00:27:04.323,00:27:06.225 should have a lot of them so I'm gonna give a shout out to my 00:27:06.225,00:27:11.396 wife my kids Jesus Barnaby Jack Samy Kamkar a a ton of the 00:27:11.396,00:27:14.666 Cambridge guys they did a really really good um job I got a lot 00:27:14.666,00:27:18.504 of a uh buddies with some of the Arduino issues I like to nest 00:27:18.504,00:27:22.241 code sometimes in and help me fix it so yeah and uh I'm gonna 00:27:22.241,00:27:24.543 go over the transaction because I um eighteen hundred dollar 00:27:24.543,00:27:28.914 short from my Black Hat a demo so as you can see on the bottom uh 00:27:28.914,00:27:32.184 Benjamin Franklin's puckered pucker
lips so it is not real 00:27:32.184,00:27:36.188 money so basically we're gonna go through this thing's loaded 00:27:36.188,00:27:38.991 250 thousand dollars in uh fake it's a not fake money it's a 00:27:38.991,00:27:41.460 fraudulent money it's actually for motion picture use and has 00:27:41.460,00:27:43.996 written all over it I mean it looks pretty good from 10 feet 00:27:43.996,00:27:46.565 or from where we're sitting in the crowd but it actually you 00:27:46.565,00:27:49.535 can tell from the on top it's not real so and it's going to 00:27:49.535,00:27:52.871 grab the pub the PAN number and the BIN number and actually go 00:27:52.871,00:27:56.108 off its five to nine dollar per transaction so it's going to 00:27:56.108,00:28:00.045 most likely go anywhere from zero to sixty transactions 00:28:00.045,00:28:02.381 before it's actually either shut down for fraud or runs out of 00:28:02.381,00:28:05.384 money so and uh the transaction time is going to take about 18 00:28:05.384,00:28:07.619 seconds I'm gonna kick off the demo here and I will start 00:28:07.619,00:28:11.156 answering questions and uh yeah it's going to enter the PIN and 00:28:11.156,00:28:14.493 uh so basically with the Arduino I needed to get it to an 01 00:28:14.493,00:28:17.195 state so I need to make sure that it's on screen and then 00:28:17.195,00:28:20.566 kick it off and it'll actually start pumping uh transactions 00:28:20.566,00:28:23.302 and it will pump out different uh based on the actual account 00:28:23.302,00:28:25.504 number that comes into it will actually pop out a different set 00:28:25.504,00:28:27.873 of money so I hope they don't fall off stage [silence] [cheer] 00:28:27.873,00:28:32.878 yeah they're jackpot number so [mumble] [whoo] I was scared my 00:29:31.436,00:29:34.072 ATM demo was going to blow up and the AV stuff for one ran 00:29:34.072,00:29:36.942 crazy there at the beginning so yeah as you can hear it sounds 00:29:36.942,00:29:39.544 like rattlesnakes those are
little Arduino servos actually 00:29:39.544,00:29:42.481 entering the PIN number so and hopefully the money is coming 00:29:42.481,00:29:45.217 out good so but yeah uh does anybody have any questions if 00:29:45.217,00:29:47.619 you want to come up to the microphones um some of this is 00:29:47.619,00:29:50.088 very very ridiculous you have to read about 1,400 pages some 00:29:50.088,00:29:52.924 stuff but I will explain to the best of my ability anybody any 00:29:52.924,00:29:55.293 questions uh I will also be onstage just want to thank you 00:29:55.293,00:30:00.298 all for coming so [cheer] thank you.