Jump to content

USA E-Port G8 Hacked?


rmorris1953

Recommended Posts

Customer of mine call today saying his customer at a account called him today with this message on his C/C reader. No one know how it got there? 

 

 

Tried to post picture not having any luck 

 

It says Run away now vendor to blow

 

http://i800.photobucket.com/albums/yy283/rmorris1953/Mobile%20Uploads/FullSizeRender_zpsahidvqsa.jpg

Link to comment
Share on other sites

I have never heard of that happening before.  I would certainly bring that up to USAT because there isn't even a way for the user to input a message on the screen.  It might be possible for a custom message to be programmed by USAT but if someone can hack the card reader then that just blows the theory that these devices are secure.  I would think that USAT would be very concerned and would be all over this to save their reputation.  Let us know what they say and do about it.

Link to comment
Share on other sites

I wouldn't worry.

Do you know the security in those system just to get the vending manufactors to use them? plus, the system is encrypted. someone would have to break into your machine, take out the unit, decrypt the software, add a patch then sneak it back in.

plus, there is no way to blow up a machine via software.

worse to worse would be like make the machine freeze all the products,

but the software don't even have that kind of control over the machine.

so I would say ignore it.

Link to comment
Share on other sites

In todays age things like this can't be ignored. What if this was in a school. Would you not take it serious? USA has been contacted and are diligently trying to find out what happened.

 

Maybe someone thought it would be funny.  

 

I do know his customer doesn't think it is funny and they aren't going to ignore it. If it happens again he will have to pull all the C/C readers

Link to comment
Share on other sites

This is unrelated, but I had an odd service charge on my bank account one day.  The charge was pending at around $60 for miscellaneous.  That usually referred to a service charge.  However, my service charges are usually around $15 per month, not $60.  

 

I thought that I may have had an overdraft but those show up as actual overdrafts and separate from service charges.

 

I talked to the branch manager and he talks through the service charges and he goes "And here is the big one, you must gotten a lot of coins."  I looked at him with this dumbfounded look on my face because I had just gotten done depositing a bunch of coins (about $350 worth) into their coin machine.  I told him that I don't recall getting ANY change in the past month.  I am constantly running to the bank to DEPOSIT change and there is no fee for active customers like myself (there is a charge for non-customers).

 

He looked at me (kind of dumbfounded too) as he had just seen me deposit a bunch of coins and he told me that it only happened once but the fee was about $35.00.  Well, he told me that they charge 10 cents per roll... so that $35.00 fee was for 350 ROLLS of coin.  I kind of laughed and told him that it was funny because... even if these were all NICKELS at $2.00 per roll (why would anyone need 350 rolls of pennies?), it would have added up to a $700 CREDIT from my account.  Coincidentally, the only withdrawal that I had made that was close to that much was about $800 and it was in the form of $20 bills which was 40 individual bills.  I think they charge 1 cent per bill at the teller but that should have added up to about a 40 cent charge if anything... not $36.

 

The other service charge that we noticed was a night deposit charge of about $3.  I brought it up and he said I must have made a night deposit but I notified him that I don't even know how to make a night deposit lol. .

 

The point to this story was that we concluded that SOMEHOW a teller must have listed a night drop AND a coin withdrawal under my account.  I told him it concerned me because... how would the teller even know my account information to do that?  I am sure they can look my information up and all but how do you confuse me with someone else TWICE.  I mean... a night deposit happens after the bank closes... while a coin withdrawal happens during bank hours.  

 

I did get the $38 credited back to my account.  He even asked me about being over the "limit" for monthly cash deposited and I told him that I probably was over and I wasn't concerned about those charges as they seem correct.

 

You just never know what employees are doing at the bank, at the credit card companies, or the processing companies.  It only takes one angry (no pun intended) employee to ruin someone's day.

Link to comment
Share on other sites

This is unrelated, but I had an odd service charge on my bank account one day.  The charge was pending at around $60 for miscellaneous.  That usually referred to a service charge.  However, my service charges are usually around $15 per month, not $60.  

 

I thought that I may have had an overdraft but those show up as actual overdrafts and separate from service charges.

 

I talked to the branch manager and he talks through the service charges and he goes "And here is the big one, you must gotten a lot of coins."  I looked at him with this dumbfounded look on my face because I had just gotten done depositing a bunch of coins (about $350 worth) into their coin machine.  I told him that I don't recall getting ANY change in the past month.  I am constantly running to the bank to DEPOSIT change and there is no fee for active customers like myself (there is a charge for non-customers).

 

He looked at me (kind of dumbfounded too) as he had just seen me deposit a bunch of coins and he told me that it only happened once but the fee was about $35.00.  Well, he told me that they charge 10 cents per roll... so that $35.00 fee was for 350 ROLLS of coin.  I kind of laughed and told him that it was funny because... even if these were all NICKELS at $2.00 per roll (why would anyone need 350 rolls of pennies?), it would have added up to a $700 CREDIT from my account.  Coincidentally, the only withdrawal that I had made that was close to that much was about $800 and it was in the form of $20 bills which was 40 individual bills.  I think they charge 1 cent per bill at the teller but that should have added up to about a 40 cent charge if anything... not $36.

 

The other service charge that we noticed was a night deposit charge of about $3.  I brought it up and he said I must have made a night deposit but I notified him that I don't even know how to make a night deposit lol. .

 

The point to this story was that we concluded that SOMEHOW a teller must have listed a night drop AND a coin withdrawal under my account.  I told him it concerned me because... how would the teller even know my account information to do that?  I am sure they can look my information up and all but how do you confuse me with someone else TWICE.  I mean... a night deposit happens after the bank closes... while a coin withdrawal happens during bank hours.  

 

I did get the $38 credited back to my account.  He even asked me about being over the "limit" for monthly cash deposited and I told him that I probably was over and I wasn't concerned about those charges as they seem correct.

 

You just never know what employees are doing at the bank, at the credit card companies, or the processing companies.  It only takes one angry (no pun intended) employee to ruin someone's day.

 

So let me get this straight....you get charged for making deposits? And you get charged for making withdrawals? 

Link to comment
Share on other sites

I het charged for desposits and withdrawls with my small buisness bank account. Its a crock of golpher but all banks around here do it. I'm gonna just open a regular checking account at a bank I don't use and make that my new buisness account.

I get charged something like $2.50 per every $500 deposited. And $1 for every withdrawal.

Scammmm

Link to comment
Share on other sites

[quote name="BlindVending"

I het charged for desposits and withdrawls with my small buisness bank account. Its a crock of golpher but all banks around here do it. I'm gonna just open a regular checking account at a bank I don't use and make that my new buisness account.

I get charged something like $2.50 per every $500 deposited. And $1 for every withdrawal.

My bank fees are 37.50 per month for 20 transactions. Every transaction over that is 1.00

This includes Deposit, withdrawal, interact payment and transfers.

Don't take long to go over that but I'm still lower than the next tier account.

Not that this has anything to do with a hacked c/c reader.

Link to comment
Share on other sites

So let me get this straight....you get charged for making deposits? And you get charged for making withdrawals?

I get charged a basic service charge as there is no free checking anymore.

I get charged for EXCHANGING bills or coins.

I get charged for notes withdrawn and rolls withdrawn. I never need coins though lol. I probably produce around $700 in coins every week.

I also get charged for going OVER $5000 in monthly deposits. I'm about to have to move up to the next tier.

My bank is generally fast and there are probably 20 branches in a 30 mile radius so it's very convenient. A few branches have coin machines too and a lot of other banks have none or they charge you. The coin machine alone makes it worth while.

I generally don't get charged for deposits.

Link to comment
Share on other sites

I have never heard of that happening before. I would certainly bring that up to USAT because there isn't even a way for the user to input a message on the screen. It might be possible for a custom message to be programmed by USAT but if someone can hack the card reader then that just blows the theory that these devices are secure. I would think that USAT would be very concerned and would be all over this to save their reputation. Let us know what they say and do about it.

In the back office I am able to input any message I want on my eports display...under device settings
Link to comment
Share on other sites

Hmmm.  I've never seen any custom messages so I didn't know an operator could program their own messages.  Is it possible that this particular USA Eport was purchased used from an original owner?  The culprit could then be someone who can still access the card readers via the backoffice application to pull a stunt like that.

Link to comment
Share on other sites

So this might even have been changed by someone within the vending company's operation who has access to the Eport reporting data then?  Or does this level of access require a secondary password so that someone running and viewing reports won't have access to this? 

Link to comment
Share on other sites

Thanks guys. This particular E-Port was put in by USA. They were here for some reason and replaced his new one with it. They were doing some kind of test. I do know it wasn't new. 

 

As far as it being reprogrammed the only one who has access is only him and maybe his wife. I will see what I can find out about why they replaced it.  

Link to comment
Share on other sites

The customer is the only one with password. This all started a month or so ago when card swipes where showing up as a 4 cent vend. It was charging the correct amount and depositing the correct amount but records were only showing 4 cents. USA sent an engineer out to get first hand knowledge of the situation and at this time he replaced the reader with one he brought with him. It has worked with no problems since. Then yesterday morning this message started appearing for no apparent reason. 

Link to comment
Share on other sites

Boy, Roger, it sure does sound like it's been hacked somehow then.  The first .04 issue might not have been or it was the hacker seeing if it could be done and now he's gone further.  I would ask USA what they found wrong in the reader that they removed, if they even kept a record of it.  Do this guy and his wife have any kids that could have done this on their computer?  Is the location a high tech location with lots of bored geeky guys sitting around?  That would just increase the odds of anything being hacked.

Link to comment
Share on other sites

The malware would simply capture the login and password. After that the software could be hacked. As stated earlier the software backend of credit card accounts allows you to change the message displayed on each e-port.

My guess is the hacker was an novice without a real intention in hacking the account so instead used it to pull a prank and changed the message setting in the account.

Link to comment
Share on other sites

  • 3 weeks later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...