Live demo: How to hack ATMs, intercept mobile calls

This just in: ‘Distinguished’ experts will gather in Abu Dhabi next week to provide the participating delegates with a crash course in hacking ATM machines and intercepting mobile calls.

Sounds crazy? Then hear this out: they have the blessings of the Telecommunications Regulatory Authority (TRA), apparently.

The cause is noble, though. These experts will take the stage at an event called Black Hat (which is used to describe a hacker or cracker who breaks into a computer system or network with malicious intent) “to discuss and demonstrate some of the major security concerns faced by the IT world,” according to a statement by the organisers.

“To increase understanding, delegates at Black Hat Abu Dhabi will not only hear about security threats but will witness them first-hand as skilled security consultants and researchers, brought in from across the globe, attempt to hack ATM machines, mobile phones and computers,” it says.

According to the organisers, the invited speakers are leaders in their field, consulting for many multi-national corporations.

Barnaby Jack, Director of Research at IOActive Labs, has previously appeared at Black Hat Las Vegas, and will be providing the ‘demo’ for ATM-hacking. “Last year, there was one ATM; this year, I’m doubling down and bringing two new model ATMs from two major vendors. I will demonstrate both local and remote attacks, and I will reveal a multi-platform ATM rootkit. Finally, I will discuss protection mechanisms that ATM manufacturers can implement to safeguard against these attacks,” Jack says.

Another key presenter will be Zane Lackey, Senior Security Consultant with iSEC Partners, who will be holding a seminar titled "Why You Can't Trust Mobile Phone Networks for Critical Infrastructure". During the seminar, Lackey will intercept live phone calls on stage and explain how hackers can track user locations, potentially forge software updates or directly compromise mobile devices. He will also demonstrate steps individuals and organisations can take to fortify their mobile security.

The Telecommunications Regulatory Authority (TRA) represented by the UAE Computer Emergency Response Team (aeCERT), in cooperation with Khalifa University of Science and Technology with UBM, have brought Black Hat to the Middle East, recognising the importance of increasing online security.

The Grugq is a pioneering information security researcher with over a decade of professional experience and will be presenting a briefing titled 'Base Jumping: Attacking GSM Base Station Systems and mobile phone Base Bands', where the two main components of the attack system will be demoed - malicious base stations and malicious basebands. The base station enables fuzzing mobile phone basebands, as well as other attacks. The baseband is used to test the GSM network equipment for flaws, as well as to exploit backend systems.

Stephen A. Ridley, Senior Researcher, Matasano Security, will discuss and demonstrate practical techniques for the evasion and escape of "Sand-boxing" technologies. Many techniques have been discussed but only vaguely at popular security conferences. Very little *actual* code and demonstrations have been performed. This presentation will consist mostly of demonstrations and review of actual code.

Black Hat Abu Dhabi will take place from November 8-11 in Abu Dhabi.

Follow Emirates 24|7 on Google News.