Carding and "black boxes": how ATMs are hacked today

Iron boxes full of money standing on city streets cannot fail to attract the attention of lovers of quick money. And while physical methods were once used to empty ATMs, increasingly clever computer-related tricks are now in use. The most relevant of them today is the "black box" with a single-board microcomputer inside. This article discusses how it works.

- Evolution of ATM carding
- First acquaintance with the "black box"
- Analysis of ATM communications
- Where do "black boxes" come from?
- The "last mile" and the fake processing center


The head of the International ATM Manufacturers Association (ATMIA) has singled out "black boxes" as the most dangerous threat to ATMs.

A typical ATM is a set of ready-made electromechanical components housed in a single enclosure. ATM manufacturers build their machines from a bill dispenser, a card reader and other components already developed by third-party suppliers. A kind of LEGO set for adults. The finished components are placed in the ATM body, which usually consists of two compartments: an upper compartment (the "cabinet" or "service area") and a lower compartment (the safe). All electromechanical components are connected via USB and COM ports to the system unit, which in this case acts as the host. On older ATM models you can also find connections over the SDC bus.

Evolution of ATM carding

ATMs with large sums of money inside have always attracted carders. At first, carders exploited only the gross weaknesses of ATM protection: they used skimmers and shimmers to steal data from magnetic stripes; fake PIN pads and cameras to observe PIN codes; and even fake ATMs.

Then, when ATMs began to be equipped with unified software that works according to common standards, such as XFS (eXtensions for Financial Services), carders began attacking ATMs with computer viruses.

Among them are Trojan.Skimmer, Backdoor.Win32.Skimer, Ploutus, ATMii and many other named and unnamed pieces of malware, which carders plant on the ATM host either via a bootable USB flash drive or via a TCP remote-control port.

Figure: ATM infection process

Having captured the XFS subsystem, the malware can issue commands to the bill dispenser without authorization. Or it can issue commands to the card reader: read/write the magnetic stripe of a bank card and even retrieve the transaction history stored on the chip of an EMV card. The EPP (Encrypting PIN Pad) deserves special attention. It is generally accepted that a PIN code entered on it cannot be intercepted. However, XFS allows the EPP pinpad to be used in two modes: 1) open mode (for entering various numeric parameters, such as the amount to be withdrawn); 2) secure mode (the EPP switches to it when a PIN code or encryption key must be entered). This feature of XFS allows a carder to carry out a MiTM attack: intercept the secure-mode activation command sent from the host to the EPP, and then tell the EPP pinpad to keep working in open mode. In response to this message, the EPP sends keystrokes in clear text.

Figure: Operating principle of the "black box"

In recent years, according to Europol, ATM malware has evolved significantly. Carders no longer need physical access to an ATM to infect it. They can infect ATMs through remote network attacks using the bank's network. According to Group IB, in 2016 ATMs in more than 10 European countries were attacked remotely.

Figure: Attack on an ATM via remote access

Antivirus software, blocking of firmware updates, blocking of USB ports and hard-drive encryption protect the ATM, to some extent, from viruses planted by carders. But what if the carder does not attack the host, but connects directly to the peripherals (via RS232 or USB): to the card reader, the PIN pad or the cash dispenser?

First acquaintance with the "black box"

Today's technically savvy carders do exactly that, using so-called "black boxes" to steal cash from ATMs. "Black boxes" are single-board microcomputers, such as the Raspberry Pi. "Black boxes" empty ATMs completely, in a way that looks entirely magical (from the bankers' point of view). Carders connect their magic device directly to the dispenser and extract all the money available in it. This attack bypasses all the security software deployed on the ATM host (antivirus, integrity monitoring, full-disk encryption, etc.).

Figure: "Black box" based on a Raspberry Pi

The largest ATM manufacturers and government law-enforcement agencies, having encountered several "black box" incidents, warn that these clever computers induce ATMs to spit out all available cash: 40 banknotes every 20 seconds. Security agencies also warn that carders most often target ATMs in pharmacies and shopping centers, as well as ATMs that serve motorists on the go.

At the same time, to avoid appearing in front of the cameras, the most cautious carders enlist the help of a not very valuable partner, a mule. And so that the mule cannot appropriate the "black box" for himself, they use the following scheme. They remove the key functionality from the "black box" and connect a smartphone to it, which serves as a channel for remotely sending commands to the stripped-down "black box" over the IP protocol.

Figure: Modification of the "black box", with activation via remote access

What does this look like from the bankers' point of view? On footage from the video cameras, something like this happens: a certain person opens the upper compartment (service area), connects a "magic box" to the ATM, closes the upper compartment and leaves. A little later, several people who look like ordinary customers approach the ATM and withdraw large amounts of money. The carder then returns and retrieves his little magic device from the ATM. Usually, an ATM attack by a "black box" is discovered only after a few days: when the empty safe and the cash-withdrawal log do not match. As a result, bank employees are left scratching their heads.

Analysis of ATM communications

As noted above, the system unit and the peripheral devices communicate via USB, RS232 or SDC. The carder connects directly to the port of the peripheral device and sends commands to it, bypassing the host. This is quite simple, because the standard interfaces do not require any specific drivers. And the proprietary protocols over which the peripheral and the host interact do not require authorization (after all, the device is inside a trusted zone); so these unprotected protocols are easy to eavesdrop on and easy to subvert.

Thus, carders can use a software or hardware traffic analyzer, connecting it directly to the port of a specific peripheral device (for example, a card reader) to collect the transmitted data. Using a traffic analyzer, the carder learns all the technical details of the ATM's operation, including undocumented functions of its peripherals (for example, the function for changing a peripheral device's firmware). As a result, the carder gains full control over the ATM. At the same time, it is quite difficult to detect the presence of a traffic analyzer.

Direct control over the banknote dispenser means that the ATM's cassettes can be emptied without any record in the logs, which are normally written by the software deployed on the host. To those unfamiliar with ATM hardware and software architecture, this really can look like magic.
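The mismatch between the safe and the withdrawal log that the article says is noticed only days later can be checked continuously. The following is an added example, not code from the original article: it assumes the bank can obtain periodic per-cassette note counts from a source independent of the host journal, and the record layouts and sample values are constructed.

```python
from collections import defaultdict

# Constructed sample data (not from a real ATM).
# Remaining notes per cassette, sampled at fixed intervals (ts in seconds).
SNAPSHOTS = [
    {"ts": 0,    "remaining": {1: 1500, 4: 2000}},
    {"ts": 3600, "remaining": {1: 1480, 4: 1990}},
    {"ts": 7200, "remaining": {1: 1475, 4: 1190}},
]
# Dispenses recorded by the host software journal.
JOURNAL = [
    {"ts": 600,  "cassette": 1, "notes": 20},
    {"ts": 1800, "cassette": 4, "notes": 10},
    {"ts": 4000, "cassette": 1, "notes": 5},
]

def reconcile(snapshots, journal, tolerance=0):
    """Flag windows where more notes left a cassette than the host logged."""
    alerts = []
    snaps = sorted(snapshots, key=lambda s: s["ts"])
    for prev, cur in zip(snaps, snaps[1:]):
        # Sum what the host journal claims was dispensed in this window.
        logged = defaultdict(int)
        for entry in journal:
            if prev["ts"] < entry["ts"] <= cur["ts"]:
                logged[entry["cassette"]] += entry["notes"]
        for cassette, before in prev["remaining"].items():
            after = cur["remaining"].get(cassette)
            if after is None:
                continue  # cassette removed or swapped in this window
            # A replenishment makes this negative, which never alerts.
            unlogged = (before - after) - logged[cassette]
            if unlogged > tolerance:
                alerts.append({"window": (prev["ts"], cur["ts"]),
                               "cassette": cassette,
                               "unlogged_notes": unlogged})
    return alerts

if __name__ == "__main__":
    for alert in reconcile(SNAPSHOTS, JOURNAL):
        print(alert)
```
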

Where do "black boxes" come from?

ATM vendors and subcontractors develop debugging utilities for diagnosing ATM hardware, including the electromechanics responsible for dispensing cash. Among these utilities are ATMDesk and RapidFire ATM XFS. The figure below shows several more such diagnostic utilities.

Figure: ATMDesk control panel

Figure: RapidFire ATM XFS control panel

Figure: Comparison of the characteristics of several diagnostic utilities

Access to such utilities is normally limited by personalized tokens, and they work only when the ATM door is open. However, simply by changing a few bytes in the utility's binary code, carders can "test" cash withdrawal, bypassing the checks provided by the utility's manufacturer. Carders install such modified utilities on their laptop or single-board microcomputer, which is then connected directly to the banknote dispenser to withdraw cash without authorization.

The "last mile" and the fake processing center

Direct interaction with the peripherals, without communicating with the host, is only one of the effective carding techniques. Other techniques rely on the fact that there is a wide variety of network interfaces through which the ATM communicates with the outside world, from X.25 to Ethernet and cellular. Many ATMs can be identified and located using the Shodan service (very brief instructions for its use are given here), followed by an attack that exploits an insecure security configuration, administrator laziness and vulnerable communications between the bank's various departments.

The "last mile" of communication between the ATM and the processing center is rich in a wide variety of technologies that can serve as an entry point for a carder. Communication can take place over a wired (telephone line or Ethernet) or wireless (Wi-Fi, cellular: CDMA, GSM, UMTS, LTE) channel. Security mechanisms may include: 1) hardware or software VPN support (both standard, built into the OS, and third-party); 2) SSL/TLS (both specific to a particular ATM model and from third-party vendors); 3) encryption; 4) message authentication.

However, it seems that banks find the listed technologies very complicated, so they do not bother with special network protection, or they implement it with errors. In the best case, the ATM communicates with a VPN server and then, inside the private network, connects to the processing center. Moreover, even if banks do manage to implement the protective mechanisms listed above, the carder already has effective attacks against them. Thus, even if security complies with the PCI DSS standard, ATMs are still vulnerable.

One of the core PCI DSS requirements is that all sensitive data must be encrypted when it is transmitted over the network. And we do have networks that were originally designed so that the data in them is fully encrypted! So it is tempting to say: "Our data is encrypted because we use Wi-Fi and GSM." However, many of these networks do not provide sufficient protection. Cellular networks of all generations have long been broken. Finally and irrevocably. And there are even vendors who offer devices for intercepting the data transmitted over them.

Therefore, either over an insecure connection or in a "private" network, where each ATM announces itself to the other ATMs, a "fake processing center" attack can be initiated, which results in the carder taking control of the data flows between the ATM and the processing center.

Such MiTM attacks can affect many ATMs. On the path to the genuine processing center, the carder inserts his own, fake one. This fake processing center instructs the ATM to dispense banknotes. The carder configures his processing center so that cash is dispensed regardless of which card is inserted into the ATM, even if it has expired or has a zero balance. The main thing is that the fake processing center "recognizes" it. The fake processing center can be either a homemade product or a processing-center simulator originally designed for debugging network settings (another gift from the "manufacturer" to carders).

The following figure shows a dump of commands to dispense 40 banknotes from the fourth cassette, sent from the fake processing center and stored in the ATM software logs. They look almost like real ones.

Figure: Command dump from the fake processing center
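Message authentication, the fourth protection in the list above, is what makes an ATM reject a processing center that merely sits on the network path. The following is an added sketch, not code from the original article or from any ATM vendor: the message fields, the shared key and its handling are assumptions, and in practice the key would have to live in protected hardware rather than in host software.

```python
import hashlib
import hmac
import json

FIELDS = ("nonce", "atm_id", "amount", "approve")  # hypothetical message layout

def _mac(key: bytes, fields: dict) -> bytes:
    # Canonical JSON so both sides authenticate exactly the same bytes.
    canon = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canon, hashlib.sha256).hexdigest().encode()

def make_response(key: bytes, request: dict, approve: bool) -> dict:
    """Processing-center side: bind the decision to this request's nonce."""
    fields = {"nonce": request["nonce"], "atm_id": request["atm_id"],
              "amount": request["amount"], "approve": approve}
    return {**fields, "mac": _mac(key, fields).decode()}

def atm_accepts(key: bytes, request: dict, response: dict) -> bool:
    """ATM side: dispense only on an authentic approval of this request."""
    fields = {name: response.get(name) for name in FIELDS}
    claimed = str(response.get("mac", "")).encode()
    if not hmac.compare_digest(_mac(key, fields), claimed):
        return False  # sender does not hold the shared key, or fields changed
    if any(fields[n] != request[n] for n in ("nonce", "atm_id", "amount")):
        return False  # authentic, but an answer to some other request
    return fields["approve"] is True

# Constructed sample values; a real nonce would be fresh random data per request.
KEY = b"constructed-demo-key-not-for-production"
REQUEST = {"nonce": "7f3a9c01", "atm_id": "ATM-0001", "amount": 100}

if __name__ == "__main__":
    genuine = make_response(KEY, REQUEST, True)
    forged = make_response(b"key-the-fake-center-made-up", REQUEST, True)
    print("genuine accepted:", atm_accepts(KEY, REQUEST, genuine))
    print("forged accepted:", atm_accepts(KEY, REQUEST, forged))
```
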

Source: www.habr.com
