Why Crackers Prefer Windows on Cash Machines

Dr. Roy Schestowitz

2010-07-29 16:02:31 UTC
Modified: 2010-07-29 16:02:31 UTC

Summary: Windows makes a lot of money for the bad guys, who are exploiting Windows-based ATMs

ATMs that run Windows are running for criminals to take advantage of them. This is a subject that we covered many times before along with examples. See the following older posts for background:

Here is Slashdot's summary about the latest example:

"Windows CE-based ATMs can easily be made to dole out cash, according to security researcher Barnaby Jack. Exploiting bugs in two different ATM machines at Black Hat, the researcher from IOActive was able to get them to spit out money on demand and record sensitive data from the cards of people who used them. Jack believes a large number of ATMs have remote management tools that can be accessed over a telephone. After experimenting with two machines he purchased, Jack developed a way of bypassing the remote authentication system and installing a homemade rootkit, named Scrooge,"

This links to IDG, which says:

The machines Jack hacked were, however, based on Microsoft's Windows CE operating system.

And from ZDNet:

At the Black Hat security conference here, Jack demonstrated two different attacks against Windows CE-based ATMs — a physical attack using a master key purchased on the Web and a USB stick to overwrite the machine’s firmware; and a remote attack that exploited a flaw in the way ATMs authenticate firmware upgrades.

Glyn Moody cannot comprehend such a tactless choice of Windows CE for ATMs. He asks, "why not just leave the notes out in the open?"

It should be no surprise that Google's vulnerabilities in Chrome are sometimes caused by Windows' inherent insecurity and this time for a change, "Google patches Chrome, sidesteps Windows kernel bug," reports IDG. "Microsoft was not available for comment late Tuesday."

It it worth adding that many Firefox flaws are Windows-only as well. Sometimes GNU/Linux is also affected and this new article says that "Google also released workarounds for two vulnerabilities in external components, helping to protect from flaws in the Windows kernel and GNU glibc components." Nothing is infallible, but Microsoft tends to fail more often than the rest and it hides this. ⬆

Recent Techrights' Posts

Links 20/05/2025: Biden's Cancer, GDPR Changes, and UK Defamation Cases (or SLAPPs) Fail Again: Links for the day
Microsofters Targeting the Wife of the Critic of Microsoft: false claims and loaded statement
Microsoft a Top Sponsor at Red Hat Summit (IBM Selling Proprietary Spyware and Back Doors in a "Red" Trench Coat): They both work for Microsoft
Slopwatch: Slopfarms 'Think' Redis is "Linux" (RedisRaider): Today we'll keep it short and to the point again
IBM Has Allegedly Just Sacked Mr. McKinsey (McK), Clay Cowan, Its Fourth CMO in a Few Years: To insiders he represented the company that's killing IBM or advising IBM on how to self-destruct
Gemini Links 21/05/2025: Trips, 4D Golf, and Writing Software: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, May 20, 2025: IRC logs for Tuesday, May 20, 2025
Links 20/05/2025: "Bankrupt 23andMe Just Sold Off All Your DNA Data" and "Free Speech Warriors" MIA: Links for the day
Openwashing of Windows, Back Doors, Persistent Surveillance, Keyloggers, Screen Loggers, DRM and So On: WSL is not "Linux", it's Windows
New 'Interview' With - or Talk Coverage of - Richard Stallman in the European Union: automated English translation
IBM Mass Redundancies Likely This Coming Thursday: We're not in a position to judge if that's true or false
Gemini Links 20/05/2025: LLM Scraper Bots in Gopher and "Starmer and the Somewheres": Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, May 19, 2025: IRC logs for Monday, May 19, 2025
Skype Fell Off a Cliff (Microsoft Killed It), All Microsoft Has Left Now is Slop and Spaghetti Code: "This isn’t about AI. This is a puppet show to drive stock prices up and down."
The Official SUSE Blog Uses LLM Slop to Compose Fake Articles Promoting Microsoft and Azure: even a little slop spoils the broth
Slopfarms (Machine-Generated Fake News Sites Authored by Bots With Slop Images) Spread GNU FUD: This isn't about Linux (GNU doesn't run just on Linux)
United States Federal Government's Digital Analytics Program (DAP): GNU/Linux Users Represent Close to 6% of Visitors This Year: How far has GNU/Linux gotten? Very far!
The "LLM Ouroboros of Shit" is Complemented by Even Worse Phenomena Caused by Microsoft's Contribution of SPAM and Pollution: Microsoft became a world leader in promotion of LLM slop
The LLM Ouroboros Phenomenon: Fact #1: over time slop gets worse (training set is like some blurry JPEG). Fact #2: People's "smell" for slop improves over time, as they 'train' on slop and can detect it based on prior encounters. Put 1 and 2 together.
Links 19/05/2025: Charges of Blackmailing Over Son Heung-min, Chad Opposition Leader Detained: Links for the day
Gemini Links 19/05/2025: Ableism, Silicon Monkeys, and More: Links for the day
How We Defeated DDoS Attacks: One of the best things one can do is migrate to an SSG
Microsofters Issuing Threats to Microsoft Critics Who Blog About Microsoft: So far we see that their "legal strategy" revolves around trying to discredit people like Theodore Ts'o
Links 19/05/2025: Political Catchup and CISA Advisories: Links for the day
TheLayoff.com Has Begun Deleting Trolls/AstroTurfers Infesting the IBM Section to Discourage On-Topic Discussion About Culls and Maladministration (Bad Strategy): Moderators have realised there's a problem
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, May 18, 2025: IRC logs for Sunday, May 18, 2025