At the Black Hat security conference, Barnaby Jack demonstrated two ways to get money from an ATM machine. These exploits can be done in person or remotely. One exploit requires a master key and to be at the ATM machine. The other involves connecting remotely to do your dirty work. In the latter method, the remote authentication is bypassed and a rootkit, named Scrooge, is installed. Another tool, Dillinger, allows him to keep track of compromised machines and the people who use them. Criminals can find the vulnerable machines through war-dialling, to find which machines respond. The hack had been discovered last year, but ATM vendors asked Jack to hold off until they were able to patch the vulnerability.