King’s Viking ATM arc

IT Support

This page is mostly thinking aloud / discussing what is actually going on in the technical side of Kings Viking in the ATM arc. Word of warning: I’m not a professional in this field, so take everything with a grain of salt. The broad overview is that the VPN server the ATM uses to connect to the bank is extremely outdated and full of vulnerabilities, allowing a hacker to exploit it and conduct unauthorized transactions. Going into more technical detail… It would seem that the hacker spoofed the entire network that ATMs connect to the bank with, harvested data from people using the ATMs, then went to an ATM and had his server send queries to the real server based on the information he gathered from people using the ATM (I’m not sure if the money is being taken from the bank’s accounts or the accounts of the people who used the ATM before. It’s kind of unclear since there’s the picture with the absurd amount of money as a “balance” at the ATM, although Koreeda does explain it as if it’s from the people who used the ATM before). I also guess this means that the server was so old that it wasn’t using encrpytion for some reason (which it honestly should have been, even back then), or the hacker was skilled enough to break the encryption.

Moving on to what Koreeda is doing… He learns about the outdated VPN service in his trip to the Systems company, and then sets out to find the attacker. Koreeda is seriously bad at explaining things, and we more or less translated exactly what he was saying. When he says “he basically turned himself into an ATM”, (Arc 6 Chapter 5) he probably means that from the Bank’s point of view, the spoofed server the attacker is using looks like an ATM. He’s now going to do the same thing that the attacker is doing, which is “pretend to be an ATM”, baiting the attacker to be essentially attacking Koreeda as well when the attacker attacks the ATM network. It’s not exactly clear how he does it (whether by just joining the network as a new ATM, or picking an ATM in the network and intercepting communications to that ATM specifically, probably the latter), but it seems pretty reasonable given that he’s just doing what the other guy is doing. Once the guy attacks the network, Koreeda backtraces him because Koreeda can do that, and I’m guessing based on watching how the guy operates, he plans on catching the attacker in the act when he goes to collect the money from the ATM.

Now this part is interesting. Koreeda doesn’t actually have a way of knowing which ATM the attacker is going to target. The attacker is collecting all that customer information from the ATMs, but there’s no way of telling from that which ATM the attacker is going to target to collect his cash. This gives him two options, the first being he middlemans between the spoofed server and the real bank server, meaning he’ll intercept the attacker’s command to withdraw money from the ATM, and find out which ATM it is based on from what device the command claims to be from. How he recognized that it is the attacker’s command isn’t all that clear, unless it’s just a dirty attack that the system allows but honestly shouldn’t since someone looking at it can recognize it’s obviously an improper transaction. The other one would be middlemanning between each and every ATM to the spoofed server, so he’ll see which ATM is being asked to conduct the illegal transaction. He can’t just take over a single ATM, since this attack won’t be sent to every ATM, only the one he wants to do his bidding. Given how in Arc 6 chapter 6, Koreeda says he will be impersonating ATMs, he’s probably doing option 2. There probably aren’t that many ATMs, since the attack is limited to 2-3 marts in a certain district, so I guess it isn’t as insane as it sounded when I described it earlier. He’s basically just doing what he did earlier in order to detect the attacker, except with more machines.

The arrogant old dude from the cyber division’s comparison of Koreeda doing this as being comparable to suddenly being able to speak Russian simply from listening to other people speak Russian isn’t entirely on point, but it’s a pretty cool description. He only really needs to be able to pass batons back and forth. Attacker tries to send data to the ATM, Koreeda receives this data, and has to send the data forward to the ATM while looking like the correct server without messing up the format/anything else, and then take the data that the ATM tries to send back to the server, and pass that data back to the attacker/server. Anyway, Kings’ Viking is the best manga I’ve worked on (yes, better than Grand Blue). Thanks for reading.

2 thoughts on “King’s Viking ATM arc

Leave a Reply

Your email address will not be published. Required fields are marked *