The Princeton University researchers say their software program can fraudulently change vote counts without being detected.
"We have created and analyzed the code in the spirit of helping to guide public officials so that they can make wise decisions about how to secure elections," said Edward Felten, director of the university's Center for Information Technology Policy.
The researchers obtained the machine, a Diebold AccuVote-TS, from an unidentified private party in May.
"We found the machine is vulnerable to a number of extremely serious attacks that undermine the accuracy and credibility of the vote counts it produces," said Felten and colleagues, graduate students Ariel Feldman and Alex Halderman.
In a 10-minute video on their Web site, the researchers demonstrate how the vote-stealing software works, showing the software sabotaging a mock presidential election between George Washington and Benedict Arnold. Arnold is reported as the winner even though Washington gets more votes.
The study is also available on the Center for Information Technology Policy's Web site.