An NFC (Near-Field Communication) smartphone could hack an ATM when the user waves the handset. Josep Rodriguez, a researcher, and consultant at IOActive Seattle-based security firm, was the first one to discover this issue.
He claimed that this hacking only needs an NFC device and a special Android app, which he developed. 
In this photo illustration a woman uses a cashpoint ATM on November 3, 2017 in Bristol, England. The Bank of England raised interest rates from a historic low for the first time in ten years this week raising costs of lending and concerns for householder debt.
"You can modify the firmware and change the price to one dollar, for instance, even when the screen shows that you're paying 50 dollars," said Rodriquez.
"You can make the device useless, or install a kind of ransomware. There are a lot of possibilities here," he added.
This is a big deal since most ATMs are now using NFC readers so that consumers no longer need to touch the actual machine or even insert their credit or debit card.
NFC Smartphone Hacks ATMs and POS Systems?
According to XDA Developers' latest report, various ATMs and Point-of-Sale systems now offer contactless accessibility.
An ATM machine is seen in a deli September 3, 2003 in New York City. Washington Mutual bank eliminated the fee it charges in New York to noncustomers who use its ATMs September 3.
Also Read: Google App Bug on Android Gets Dangerous Bug, Puts User's Data at Risk
Although this could be helpful during the ongoing pandemic, some experts claimed that it could put your bank details at risk, possibly leading to theft.
Rodriquez said that he discovered that his new modified Android app can be used together with an NFC smartphone to hack ATMs and forcibly dispense money from the machines.
Android Authority also reported that the security experts started his study by buying NFC readers and POS devices from eBay.
He found out that many of these devices do not validate the size and the data packet is sent via NFC from the user ban card to the reader during his study.
How Does Rodriquez's Technique Work?
Rodriquez posted a video of his finding to show how the new hacking method works. In the footage, he can be seen waving his NFC smartphone over the NFC reader of an ATM, which is located in Madrid.
After he waved his device, the ATM suddenly displayed an error message. However, he didn't show the jackpotting attack. The reason behind this is he could only legally test it on machines obtained as part of IOActive's security consulting.
If he showed the jackpotting attack, the security researcher will be considered violating the security firm's nondisclosure agreement.
For more news updates about the NFC smartphone hack and other similar breaches, always keep your tabs open here at TechTimes.
Related Article: Ransomware Roundup: Cl0p Releases New Stolen Data; EU, US to Team Up Against Attacks
This article is owned by TechTimes
Written by: Griffin Davis
