ATM Maker Publishes Password; Thief Appreciates The Courtesy
Written by Evan SchumanMay 6th, 2010
The popular IT directive to "RTFM" was taken to heart by one cyberthief, who read the manual from an ATM manufacturer to learn its machines' default password and the key sequence to access that machine's programming. Having gained that access, according to an FBI affidavit, the cyberthief was going to tell the machine it was loaded with one-dollar bills—instead of the 20s it really held—which would allow him to boost his original investment 20-fold.
The man arrested, Thor Alexander Morris, said he worked at a Food Lion in North Carolina as a manager. Morris used Wal-Mart Green Dot Pre-Paid cards ($400 each) and a false ID to purchase those cards. The FBI said Morris' plan was to attach GPS tracking devices on the vehicle of an ATM maintenance person working for ATM manufacturer Tranax and hit some 35 ATMs in Houston while wearing a wig, a goatee and different clothing as a disguise.
This Story Is Only Available For Premium Subscribers. Click Or Login In Below To Read The Rest Of This Story.
Already a Subscriber? Login Here
5 Comments | Read ATM Maker Publishes Password; Thief Appreciates The Courtesy
Leave a Reply
Readers, specifically those who want to comment on a story:
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
-Ed
May 7th, 2010 at 10:16 am
Are you sure it wasn’t the real Barack Obama, perhaps researching a new revenue stream for the IRS?
May 7th, 2010 at 10:44 am
I thought this sounded familiar so I quickly googled tranax default password and found the same thing happened in September 2006. Back then, Tranax promised a software patch for their ATMs that would force a default password change. Guess that didn’t go too well…
May 7th, 2010 at 5:49 pm
This article makes it sound like the manual shouldn’t have the default password. The duty, clearly and simply, is people should NEVER USE A DEFAULT PASSWORD, it is just that simple, and that virtually any ATMs are left with a default password is absolutely beyond me as it seems quite clear that is fundamental security for such an important device.
May 8th, 2010 at 9:55 am
Would be even funnier if the thief actually wore a Barak mask… Just another way the government steals your dough. Banks are allowed to make too much money. Literally!!!
May 12th, 2010 at 4:49 pm
and THAT IS WHY folks that applications nowadays must come with a forced password default change upon first log-in… to prevent laziness… all apps should follow the PCI requirement of minimum of 7 characters alphanumeric and cannot reuse the last 4 passwords.