Why Crackers Prefer Windows on Cash Machines

Dr. Roy Schestowitz

2010-07-29 16:02:31 UTC
Modified: 2010-07-29 16:02:31 UTC

Summary: Windows makes a lot of money for the bad guys, who are exploiting Windows-based ATMs

ATMs that run Windows are running for criminals to take advantage of them. This is a subject that we covered many times before along with examples. See the following older posts for background:

Here is Slashdot's summary about the latest example:

"Windows CE-based ATMs can easily be made to dole out cash, according to security researcher Barnaby Jack. Exploiting bugs in two different ATM machines at Black Hat, the researcher from IOActive was able to get them to spit out money on demand and record sensitive data from the cards of people who used them. Jack believes a large number of ATMs have remote management tools that can be accessed over a telephone. After experimenting with two machines he purchased, Jack developed a way of bypassing the remote authentication system and installing a homemade rootkit, named Scrooge,"

This links to IDG, which says:

The machines Jack hacked were, however, based on Microsoft's Windows CE operating system.

And from ZDNet:

At the Black Hat security conference here, Jack demonstrated two different attacks against Windows CE-based ATMs — a physical attack using a master key purchased on the Web and a USB stick to overwrite the machine’s firmware; and a remote attack that exploited a flaw in the way ATMs authenticate firmware upgrades.

Glyn Moody cannot comprehend such a tactless choice of Windows CE for ATMs. He asks, "why not just leave the notes out in the open?"

It should be no surprise that Google's vulnerabilities in Chrome are sometimes caused by Windows' inherent insecurity and this time for a change, "Google patches Chrome, sidesteps Windows kernel bug," reports IDG. "Microsoft was not available for comment late Tuesday."

It it worth adding that many Firefox flaws are Windows-only as well. Sometimes GNU/Linux is also affected and this new article says that "Google also released workarounds for two vulnerabilities in external components, helping to protect from flaws in the Windows kernel and GNU glibc components." Nothing is infallible, but Microsoft tends to fail more often than the rest and it hides this. ⬆

Microsoft XBox is Having Its 1990s Apple Moment (Near Bankruptcy), Says Respected Insider: Microsoft's CEO has already admitted that XBox is having serious financial problems [...] They already try to reuse the brand "XBox" to refer to Vista 11
OECD Carries Water for Microsoft, Targets Schools and Children With Slop Agenda: Peel off a layer or two to find GAFAM
Links 16/06/2026: UK to Restrict Access to Social Control Media; The FCC Wants to Eliminate Burner Phones: Links for the day
Microsoft Will "DOOM" id Software and Others, Claim Observers: As the worst predictions trickle in and out Microsoft loses control of the narrative
Austria Shows Rapid Demise of Windows in the EU: Expect many Microsoft layoffs soon, and not just in XBox/gaming
Links 16/06/2026: Mainstream Media Affirms Microsoft Studio Closures Planned, Anthropic’s Latest Marketing Hype Debunked by Experts: Links for the day
This Morning The Register MS Published Page With "AI" 42 Times in It. It Was Paid SPAM.: The Register MS is propping up a pyramid scheme
Microsoft "Xbox braces for sweeping studio closures before June 30.": Microsoft's control of the damage-limiting narrative has clearly slipped
In Africa's Largest Nation Windows Has Fallen From 100% to a Lot Less, Now All-Time Lows: Let's see what happens or will happen in Algeria in 2027
Richard Stallman's Talk Due in One Hour, Here's What People Say: To Stallman, what matters is control by users and collective control
SLAPP Censorship - Part 108 Out of 200: Moving On and Moving Up: an explanation of our rich history and commitment to courageous whistleblowers
Why We Call Him Dr. Stallman: He got at least 15 such titles
United States of America: GNU/Linux Hovering Around 5% (It Started There): GNU/Linux is turning 43 this year (in a few months), Linux will turn 35
Microsoft Promises Made to be Broken: It's a real problem and it is not limited to XBox
IBM Down $61 in Two Weeks, The Lies About Quantum Computers Didn't Last Long: IBM is an unsafe employer, not a good place to work
You Probably Don't Want to "Go Viral" in Toxic Social Control Media: Good news sites do not strive to go "viral" but to be consistently good, irrespective of "traffic"
New 'Article' in The Register MS Has Mentioned "AI" 44 Times. The Register MS Got Paid to Publish It.: Bear this in mind when seeing "hey hi" all over the news
18-Year Anniversary of Our IRC Community: As noted some months ago, trolling and abuse in our IRC network is very rare these days
Microsoft - Like IBM - is Leaving a Legacy is Emptied/Abandoned Buildings: Microsoft's LinkedIn had many layoffs recently
Richard Stallman's (RMS) Speaking Tour in Europe Coincides With Abandonment of Microsoft Windows: The message applies to all governments
Gemini Links 16/06/2026: Nazi Law of Mental Abuse and Lewis Aburrow's 3D-Printed Slider: Links for the day
Links 16/06/2026: Windows TCO and Fedora Finding Serious 20-Year-Old Holes in Microsoft Outlook: Links for the day
European Patent Office (EPO) Series: An Advisor to the President: he had recently advanced to membership of the "inner circle" of Team Campinos.
Two Weeks Ahead of July Three Studios Microsoft Plans to Shut Down Already Named: This is what happens when companies try to establish themselves on a mountain of promises and false assumptions, kicking the can down the road until payroll becomes hard to complete
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, June 15, 2026: IRC logs for Monday, June 15, 2026
IBM Works for Microsoft: Hours ago in IBM.com
Microsoft May Already Be Shutting Down More Gaming Studios: the writings are on the wall: XBox is in disarray.
European Patent Office (EPO) Series: The EPO's Brussels Liaison Officer: It would appear that in January 2020, Pellegrino was induced by Campinos to jump ship from the EUIPO and take up his current position as Brussels Liaison Officer for the EPO
European Patent Office (EPO) Receiving Section (RS) and Elimination of Many Roles: Open letter to Mr Rowan (VP1) and Mr Aledo Lopez (COO) [...] Does the EU leadership intend to tolerate this?
Microsoft's XBox is Disintegrating, Executives Are Quitting: We're basically witnessing the slow-motion "end of XBox"
Gemini Links 15/06/2026: Slop Code Benchmarked, Wireguard on NixOS and Guix: Links for the day
Links 15/06/2026: More Own Goals for the Slop Industry, Palantir Trouble in UK: Links for the day
Apple Wants Everybody to Forget About "Vision Pro" Because It Was a Giant Flop: worthless gadgets with no obvious use case/s
The Cyber Show is Adopting 'Book Form' (or Long Form Publications): Andy and Helen nowadays invest more time in making their site faster
Richard Stallman's Software Freedom/Digital Sovereignty Tour in Europe: As things stand at present, the vast majority of people have their interactions controlled/policed by GAFAM
Estimates of Scale of Microsoft Layoffs, Will Likely Happen "in Batches": "Heard 10 to 15 percent eventually but idk date."
IBM Has Put Red Hat on a Poor Diet of Slop, Now Fedora and Red Hat Suffocate or Choke on It: Over the weekend we saw more people leaving the company
Estimates of Microsoft Layoffs: 3,000 Staff to be Culled Just in Gaming, How Many in Other Divisions?: Now the XBox division has its own "fall guy", but it is a woman
Straw Man Arguments Against Rust: If anything, it teaches the importance of auditing packages
Tesla Debt Rose Sharply, Sales Declined, Wall Street's Claim of Tesla "Value" is Merely a Fairytale (and Not Just Tesla): We would gladly sell land on Mars to anyone who honestly believes a company that loses money is somehow "worth" trillions in Wall Street
Stop Calling Losses "Investment": XBox is losing money, it is a sinkhole
For Justice We Need More Speech, Not Less Speech: When you attack something you are just giving that something a bigger platform
SLAPP Censorship - Part 107 Out of 200: Keeping Law Accessible to Everybody: We'll have stories related to this in the future
Links 15/06/2026: Slop "Beg Bounties", Wall Street Fakes 'Worth', and Arkansans Saved PBS: Links for the day
Gemini Links 15/06/2026: Dating Oaks, Simulation, and Theremin: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, June 14, 2026: IRC logs for Sunday, June 14, 2026
Links 14/06/2026: Energy Cost and Reality Strikes at Heart of Slop Bubble, 75 Data Center Build-outs "Successfully Blocked": Links for the day
Microsoft CEO Says XBox is Not a Sustainable Business: "Now, we have to turn this into a sustainable business," he said about XBox
MElon (MUSK, Elon) is a Trillionaire Like Penguins Are Mammals: Have media outlets told the truth?
Unlikely Heroes: One personal hero who is not alive (anymore) is Navalny
Bruce Schneier Was Probably Wrong About Slop: Right now politicians who openly speak in favour of slop are committing "political suicide"
SLAPP Censorship - Part 106 Out of 200: 100 Kilograms of Legal Papers: When one party's communications and filings weigh at about 3 KG of paper and another's... at about 100 KG of paper
Links 14/06/2026: More Google Layoffs, Wall Street Deems Companies That Lose Money "Worth" Trillions: Links for the day
Gemini Links 14/06/2026: "The Universe is a Hologram", "Matrix Brain Download", and "Happy 0th Year": Links for the day
European Patent Office (EPO) Series: Battistelli's "Baltic Crusader": Gilles Requena, Battistelli's erstwhile "Baltic Crusader" and the loyal servant of his successor Campinos
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, June 13, 2026: IRC logs for Saturday, June 13, 2026

Why Crackers Prefer Windows on Cash Machines

Recent Techrights' Posts