Thursday, July 30, 2009

Recording your ATM PIN via the power cable

Two researches from Italy have developed a new form of Skimming (for the people that are not so security lingo savvy - skimming refers to an attack where an attacker eavesdrops the information that you are entering e.g. PIN and your ATM card information). This new attack uses the power line to determine which buttons you pushed on an ATM. Another attack they presented shows how the vibration of a notebook could be recorded and analyzed to replay what was typed.

Their presentation is available at: http://www.blackhat.com/presentations/bh-usa-09/BARISANI/BHUSA09-Barisani-Keystrokes-SLIDES.pdf

1SSA - Security consulting, training and products: http://www.1ssa.net