web analytics

BDO ATM on Command Line




While making a withdrawal in one of the BDO ATM last night, the screen suddenly popped up showing a command line window. I was able to quickly take a quick snap shot below.

While it’s no uncommon to see teller machines on blue screens of death (BSOD), this is one is a bit odd to me as it shows the command line window and FTP instructions to some IP address.

bdo atm machine

I thought it was just a bug, but then after I repeated my initial steps 2 or 3 times, the window did not show up again.

Good thing it didn’t show any passwords in it or something really sensitive. Although it was possible those two guys ahead of me were doing something to the ATM I just didn’t noticed.



Abe is the founder and Editor-in-Chief of YugaTech. You Can follow him on Twitter @abeolandres.

You may also like...

30 Responses

  1. WHOA!!! IF THATS HAPPENED TO U IT MIGHT HAPPEN TO ME TOO OR EVERYONE USING BDO ATM , SIR ABE. . I’M A BDO ATM HOLDER TOO. . . . I HOPE IT WONT HARM THIER ATM SERVICES.

  2. Yup, that is indeed odd. SCARY!!!

  3. Andre Marcelo-Tanner says:

    that ip though is i believe is local and not for internet access, so it might be a batch job or something
    http://whois.domaintools.com/172.16.16.106

  4. Probably those two guys were from BDO, their bodyguards went ahead of them (which I believe is against the protocols). I’ve seen a few incidents where the guy or guys who have the “master” card was left alone by their bodyguards because he was “simply” doing a final test run.

    Which is… dangerous. But regardless.. if those two guys ahead of you were not from the bank, then they got hold of a master card/key, or they’re testing their newly created master card/key.

  5. Kenneth says:

    Woah, that’s scary… Sana lang walang nakuhang details or info about your account and the one’s before and next to you. Can BDO explain this as well?

  6. yuga says:

    @JC – it was last in the evening so I don’t think those guys were from BDO.

    @Kenneth – the window popped up for 6 or 7 seconds and disappeared so I wasn’t able to see the whole thing as it scrolled.

    @Andre – I think that batch command should have ran from the background but something triggered it to pop up.

  7. Anonymous says:

    Don’t worry much, it seems just a scheduled task. This ATM machines are on a private and secured networks.

  8. kyrios says:

    Although I haven’t seen an ATM CLI in action yet, I have encountered an ATM flashing/showing its XP desktop screen.

  9. iMadrid says:

    This doesn’t suprise me. BDO’s ATM network is unreliable.

    I have a BDO ATM account. There are countless times that I wasted time falling in line only later to find out that I cant even access my account. But when I used another bank’s atm network. I could access it with no problem and get my cash. Thanks a lot BDO for that bank charges. =(

  10. godie says:

    What you saw was the “Roll-over”, wherein transaction logs are sent for comparison. This what they check in case there are reports of incomplete transaction (eg: transaction time-out errors with no cash dispensed but it debited your account). It probably run as scheduled job since the CMD window reads svchost.exe, you can just run the script as scheduled command like c:\windows\system32\ftp.exe -s:runftp.txt

    Anyway,try the internet banking kiosk at SM-Makati (At ATM center), you can surf net and check your mail. LoL. Im not sure if they reverted my changes to config there yet, but should be easy to figure out yourself how to get net. I’ll try to visit it sometime again and check :D

    Finally, a lot of BPI ATMs at Glorieta uses wireless radio, this is not the same as WIFI — I pick them up on my laptop without SSID, its a high grade version maybe similar to WAN Sync. Still it uses the same principle of WIFI connection, easy to eaves drop on.

    BTW even here at my neighborhood, you’ll be amazed how much data floats in the airwaves if you set your WIFI to passive read; IM chats, skype calls, even open file shares. :D

    So yeah, banks sucks in terms of security because they think nobody understood how these thinks work anyway but an average script kiddie will do a better job than their software development dept. X_X

  11. Anonymous says:

    @godie – banks uses encrypted data transmission.

  12. madzman23 says:

    @Anonymous – we all know that it should have encrypted data transmission and “IT SHOULD” really have. But I think godie is trying to say that “some” of those bank dont do it that way, or maybe they forgot it. LOLZ.. Kidding aside, If godie is saying the truth, mobile banking in the country is at a very high risk if hackers will know about this. To think that there are lots of Filipino who are good in IT, maybe there are some that can break into this.

    @godie – Dude, you should not give that info in public. ^_~

    Well, as I can see in the CLI. It tells that it runs the svchost.exe. It also connects in a local private ip address. Well svchost.exe is a double-edged blade that runs on window which can be used as secured connection or it can also be used as a backdoor way for hackers. It is also registered as a Trojan. This Trojan allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data. This process is a security risk and should be removed from your system. So those 2 guyz ahead of you abe should be the one responsible for that, and to think that it was late in the evening, they might got something to do with it.

    I also have an account in BDO. :(

  13. des says:

    Happened to a friend of mine about a couple of years ago but with a BPI atm naman

  14. jox says:

    it happened also to me in ucpb machine.

  15. muonlinex says:

    Hi to all…

    The command line you see in those atm are the task schedule for uploading the Electronic Journal to the Central office of the bank. This does not affect the transaction or account of the user using the ATM.

  16. It looks like a scheduled job. I think this specific atm is uploading the transactions to a central server. (172.16.16.106 – looks like a private ip addr)

    A look at the file, it seems that the file naming convention includes date/time. (Jan 9, 2009) thus the 090109 in the file name.

  17. sleepy says:

    I have actually already encountered this situation… when i changed my PIN..

    And I learned that it’s the new system that BDO setup in that area..

    So, there are times that this command line shows up, but it should be actually fast.. really fast..

    Good you got a snapshot of it, a good idea would be to submit a report to BDO…

  18. edge says:

    that’s scary.. Their local network could be vulnerable to attacks if the command prompt would show up confidential information like account numbers or PINs..

  19. kristina says:

    oh, dear…now I’m beginning to have second thoughts with my BDO ATM and internet banking application…any encouragements? (discouragements?)

  20. juan says:

    looks like somebody’s using ftp to transfer some files on the atm to another computer.

    sana man lang sftp ginamit para encrypted. isipin mo na lang kung me makaka intercept ng network traffic na yan…

  21. BT says:

    It is a non-routable address (172.16.0.0 – 172.31.255.255) hence, a private IP address and cannot be traced.Kabahan na tayo kung yung IP address na nakalagay jan eh public IP. Nakows, lagot na. (I’m a BDO fan too.lol)

  22. crates says:

    hi. just opened an ATM account with BDO. grabe, scary naman yan.
    anyway, i have a question.
    di ba sa intial deposit (and to the succeeding ones), may receipt sila na ibibigay? yung number ba na nag-appear dun yung account number? i just noticed that the number in that receipt is the same as the one indicated in the confirmation letter that bdo sent me days after i opened an account. ilang digits ba usually yung account number dun? before kasi metrobank ako. thanks a lot.

  23. jake says:

    ay spy cam ba atm nila??

  24. raketeer_mom says:

    I promise to myself tonight.. this is going to be my last transaction with any BDO ATM machines. When I made a withdrawal just an hour ago, the screen prompted a successful transaction as in “GET YOUR CASH” tapos I’ve waited for minutes I guess.. biglang temporarily unable to process… TAE!!

  25. kait says:

    pnb atm ng mom ko may nag withdraw ng 10k..nagtaka sya kasi wala na ung maintaning balance nya. so nireklamo nya sa pnb ang sabi lang sa kanya may nag withdraw sa other bank un lang ang info na binigay then pinaiwan ang atm.ganun lang ba yun?

  26. huhuhu says:

    mga bobo kayo

  27. Algie123 says:

    Can we use the bdo atm card to verify paypal account?

  28. Algie123 says:

    Sir, patulong naman po sa problema ko sa bdo. Sa tingin ko po kasi hinohold nila ang funds ko. Bago po kasi nangyari yun eh, nag karoo po ako ng dispute case pero naayos naman na po. Ngayon po ng wiwithdrahin ko na po yung pera ko na halagang 29,300.00 pesos, eh hanggang ngayon eh pending parin ang status. HIndi ko po alam kung saan na napunta ang pera ko kasi ang sabi nila baka daw ang problema eh sa banco de oro, tapos sa canadian bank daw na nagpaprocess ng payment nila tapos ngayon naman daw eh ikiniclear pa daw ng paypal mismo kung meron daw akong sending limits etc. In case po na hinohold nila ang pera ako or di ko makuha ang pera ko, ano pong gagawin ko?? Salamat po ng marami!!

  29. I just saw this in this year 2011. anyway, it’s uploading some datas on the server

  30. peace says:

    aw. hndi hack yan pag wala ka alam sa computer bobo ka talaga sabi nga ni huhuhuhu pero kahit din c huhuhu bobo din walang alam talaga>>.<<

Leave a Reply

Your email address will not be published. Required fields are marked *

Open

Close