Subject:  The Black Hat Demonstration

Regarding the ‘hacking’ demonstration reported from the Black Hat conference, which showed a potential vulnerability for someone to upload malicious software to the ATM via the RMS (Remote Management) function.

To close this potential hole, we advise customers to update their terminals with the following software:

1700W
Full Install:   http://ftp.hantle.com/AP/1700W_AP_V020113W_Full.zip

Update:       http://ftp.hantle.com/AP/1700W_AP_V020113W_Update.zip

C4000
Full Install:   http://ftp.hantle.com/AP/C4000_AP_V020113C_Full.zip

Update:       http://ftp.hantle.com/AP/C4000_AP_V020113C_Update.zip

T4000
Full Install:   http://ftp.hantle.com/AP/T4000_AP_V020113T_Full.zip

Update:       http://ftp.hantle.com/AP/T4000_AP_V020113T_Update.zip

* Note for T4000, this also includes the Service Panel fix (not allowing access)

Software Install Instructions

http://ftp.hantle.com/Manuals/Software_Update_Instructions.pdf

In the mean time, if you’re concerned about this story and you’re not using RMS to monitor your terminals you can advise your customers to disable the RMS receive function (if not already done) via the Operator Function Menu.  This will prevent the ATM from answering RMS requests at all.

(Master or Service password required) Host Setup > Remote Monitor > RMS Receive = Disabled
With RMS disabled, the ATM will not answer the phone.

If you are a customer using RMS, we advise that you download the new software and update your machines.

Demonstrations such as this remind everyone of the threats our industry faces. We take these very seriously and will continue to look for ways to make to our machines secure.

If you have any questions please contact [Hantle] Technical Support.