It seems like there’s nothing as easy as hacking an ATM: just follow the instructions. Two Canadian 14 years-old teenagers were able to take control of an ATM of Bank of Montreal, reports the Winnipeg Sun, observing the indications of a manual found on the Internet.
This Wednesday during their lunch break, the two boys decided to see if the manual they had found on the Web was reliable and true. They went to a mall and tried to compose the default PIN that lets one take control of the machine: the six-digit code specified by the manual worked. “We thought it would be fun to try, but we did not think at all that it would work,” said one of the boys. “Go away, this dispenser has been hacked.”
Being honest, they went to alert the closest bank’s agency. Employees did not believe their ears thinking it was a joke, they then asked for evidence of hacking to the two teenagers. “So we went back to the distributor, says Matthew, one of the young pirates. We got back in the system again. Then I started to grab some documentation, such as the amount of money that was contained in the dispenser, how many withdrawals took place that day… Then I found a way to modify overload fees which I lowered to 1 cent”. Last proof of piracy, if still needed, teens have changed the distributor’s greetings message, replacing the classic” Welcome to the distributor BMO “by an alarming “go away, this dispenser has been hacked.”
After returning to the agency, the bank employees have revised their judgment on the two teens. “They brought the Head to talk with us, he told us he was very worried and he would call the security department of the bank”, says Matthew. But for both college students, there was a bigger problem: the lunch break extension had been seriously long and they’d be late for the resumption of class. Agency director accepted writing their teacher an apology message: “Please apologize Caleb and Matthew for being late after lunch due to the help they have given to the safety of the Bank of Montreal”. The bank, in turn, assured that it would strengthen the security of its distributors and customers had no need to worry for their accounts and personal information.