Why Crackers Prefer Windows on Cash Machines

Dr. Roy Schestowitz

2010-07-29 16:02:31 UTC
Modified: 2010-07-29 16:02:31 UTC

Summary: Windows makes a lot of money for the bad guys, who are exploiting Windows-based ATMs

ATMs that run Windows are running for criminals to take advantage of them. This is a subject that we covered many times before along with examples. See the following older posts for background:

Here is Slashdot's summary about the latest example:

"Windows CE-based ATMs can easily be made to dole out cash, according to security researcher Barnaby Jack. Exploiting bugs in two different ATM machines at Black Hat, the researcher from IOActive was able to get them to spit out money on demand and record sensitive data from the cards of people who used them. Jack believes a large number of ATMs have remote management tools that can be accessed over a telephone. After experimenting with two machines he purchased, Jack developed a way of bypassing the remote authentication system and installing a homemade rootkit, named Scrooge,"

This links to IDG, which says:

The machines Jack hacked were, however, based on Microsoft's Windows CE operating system.

And from ZDNet:

At the Black Hat security conference here, Jack demonstrated two different attacks against Windows CE-based ATMs — a physical attack using a master key purchased on the Web and a USB stick to overwrite the machine’s firmware; and a remote attack that exploited a flaw in the way ATMs authenticate firmware upgrades.

Glyn Moody cannot comprehend such a tactless choice of Windows CE for ATMs. He asks, "why not just leave the notes out in the open?"

It should be no surprise that Google's vulnerabilities in Chrome are sometimes caused by Windows' inherent insecurity and this time for a change, "Google patches Chrome, sidesteps Windows kernel bug," reports IDG. "Microsoft was not available for comment late Tuesday."

It it worth adding that many Firefox flaws are Windows-only as well. Sometimes GNU/Linux is also affected and this new article says that "Google also released workarounds for two vulnerabilities in external components, helping to protect from flaws in the Windows kernel and GNU glibc components." Nothing is infallible, but Microsoft tends to fail more often than the rest and it hides this. ⬆

Recent Techrights' Posts

The Week to Come: Planning ahead
LLM Slop Has Only Been a Boon for Misinformation Online: The very same companies that were supposed to maintain quality (again, not limited to Google with PageRank) are now actively participating in generating and spreading slop
When They Tell You It's Free, Does That Mean No Charges (If So, Who's Paying and Why)?: there's "no free lunch"
Links 28/07/2025: COVID-19 Sped up Brain Aging, "Circumvention is More Popular Than Compliance": Links for the day
Richard Stallman is Usually Right Because He Thinks "Outside the Box": he is able to observe society (mores and norms) as somewhat of an outsider
LWN Has Been Down for a Long Time, Another Casualty of LLM Bots?: Time will tell. How much time though?
Slopfarms Versus 'Linux' (and Against People Who Write Real Articles About GNU/Linux): LLM slop in slopfarms by Brian Fagioli and Redazione RHC
Gemini Links 28/07/2025: Bila Yarrudhanggalangdhuray and Running pkgsrc in a FreeBSD Jail: Links for the day
Microsoft Turns News Sites Into Spamfarms: Is the site The Register MS the next IDG?
The Register MS/The Register US: On Saturday I contacted them for a comment (before issuing criticism)
Hacking revelations at Vatican Jubilee of Digital Missionaries: Reprinted with permission from Daniel Pocock
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, July 27, 2025: IRC logs for Sunday, July 27, 2025
We're Going to Focus Less on the Molotov Cocktail-Throwing Microsofters and More on Patents: We can get back to focusing on what we wanted to focus on all along
Just Trying to Keep Web Sites Honest (Journalistic Integrity): the latest articles in LinuxIac are real
Links 27/07/2025: Political Affairs, Data Breaches, Attacks on Freedom of the Press: Links for the day
Gemini Links 27/07/2025: Hot in Japan and Terminal Escape Codes: Links for the day
Links 27/07/2025: More Microsoft Layoffs Coming, Science and Hardware News: Links for the day
Links 27/07/2025: FSF Hackathon and "Hulk Hogan Was a Very Bad Man": Links for the day
Gemini Links 27/07/2025: DAW Mixer Chains and Simple Software: Links for the day
The Register MS is Inventing or Giving Air Time to New Conspiracy Theories so as to Distort the Narrative As High-Profile Agencies Fall Prey to Microsoft Holes: But the problem is holes, i.e. Microsoft making bad products; the problem is Microsoft
Most Editors at The Register Are American, Including the Editor in Chief, a Decade-Long Microsoft Stenographer (Writing Prose to Sell Microsoft): It's not easy to tell where the site is based (we tried) because it's hiding behind ClownFlare and CrimeFlare hasn't been well lately
Pushers of systemd Rewrite History (Richard Stallman Said UNIX "Was Portable and Seemed Fairly Clean"): Unlike systemd
"New Techrights" Soon Turns 2 (A Few Days Before the FSF Turns 40): We have a lot more to say about LLM bots
When Silence Says So Much: Garrett, a 'secure' boot pusher, will need to defend himself in the UK High Court
The Register in Trouble: There is not much that can be done at this point
Trajectory of The Register: From News Site/s Into "B2B"... and Into Microsoft Salespeople: Something isn't right at The Register
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, July 26, 2025: IRC logs for Saturday, July 26, 2025
Misinformation in Social Control Media: Social control media passes around all sorts of tropes
Slopwatch: Fake Linux 'Articles' and Slopfarms With "Linux" in Their Names/Domains: throwing bots at "Linux" to make some fake articles
Links 26/07/2025: Amazon Shutdown in China, Russian Economy Slows: Links for the day
Gemini Links 26/07/2025: History of Time (1988) and Gemini Games: Links for the day
Links 26/07/2025: 50 Percent Tariffs in Amazon, Dying Intel Offloads Network and Edge Group (NEX): Links for the day
Doing My Share to Tackle Online Slop and SPAM: Trying my best to 'fix' the Web
Blaming Programming Languages for Users' and Developers' Bad Practices: That's like blaming cars for drivers who crash into things
Slopwatch: Fakes, FUD, Duplicates, and Charlatans Galore: The Web as we once know it is collapsing. Some opportunists try to replace it with low-quality slop.
The Register UK Seems to Have Become American and Management is Changing (Microsofter as Editor in Chief): The Register 'UK' is now controlled by the Directions on Microsoft guy
Many People Still Read Techrights Because It Says the Truth, Produces Evidence, and Does Not Self-Censor: Unlike so many other sites
The Register is Desperate for Money, According to The Register: I decided to check how they're doing as a business
Microsoft Finally Finds a Use Case for Slop?: Create low-quality chaff to shift the media's attention?
Microsoft Windows Lost 400 Million Users in a Few Years, Why Does The Register Double Down on Windows With New US Editor?: days ago they hired a new US editor
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, July 25, 2025: IRC logs for Friday, July 25, 2025
For Libel Reform One Must First Bring (or Raise) Awareness to the Issues and Their Magnitude: I myself know, from personal experience
Links 26/07/2025: Rationed Meals in the US and TikTok Repels Investments (Too Toxic): Links for the day
Gemini Links 26/07/2025: "Bloody Google" and New People in Geminispace: Links for the day
Response to Solderpunk (Father of Gemini Protocol) About the Gemini Community: Solderpunk responds to non-sequitur
HTML and the Web Used to be Something a Child Could Learn, "Modern" Web is a Puzzle of Frameworks, Bloat, and Worse: When the Web was more like Gemini Protocol