Why Crackers Prefer Windows on Cash Machines

Dr. Roy Schestowitz

2010-07-29 16:02:31 UTC
Modified: 2010-07-29 16:02:31 UTC

Summary: Windows makes a lot of money for the bad guys, who are exploiting Windows-based ATMs

ATMs that run Windows are running for criminals to take advantage of them. This is a subject that we covered many times before along with examples. See the following older posts for background:

Here is Slashdot's summary about the latest example:

"Windows CE-based ATMs can easily be made to dole out cash, according to security researcher Barnaby Jack. Exploiting bugs in two different ATM machines at Black Hat, the researcher from IOActive was able to get them to spit out money on demand and record sensitive data from the cards of people who used them. Jack believes a large number of ATMs have remote management tools that can be accessed over a telephone. After experimenting with two machines he purchased, Jack developed a way of bypassing the remote authentication system and installing a homemade rootkit, named Scrooge,"

This links to IDG, which says:

The machines Jack hacked were, however, based on Microsoft's Windows CE operating system.

And from ZDNet:

At the Black Hat security conference here, Jack demonstrated two different attacks against Windows CE-based ATMs — a physical attack using a master key purchased on the Web and a USB stick to overwrite the machine’s firmware; and a remote attack that exploited a flaw in the way ATMs authenticate firmware upgrades.

Glyn Moody cannot comprehend such a tactless choice of Windows CE for ATMs. He asks, "why not just leave the notes out in the open?"

It should be no surprise that Google's vulnerabilities in Chrome are sometimes caused by Windows' inherent insecurity and this time for a change, "Google patches Chrome, sidesteps Windows kernel bug," reports IDG. "Microsoft was not available for comment late Tuesday."

It it worth adding that many Firefox flaws are Windows-only as well. Sometimes GNU/Linux is also affected and this new article says that "Google also released workarounds for two vulnerabilities in external components, helping to protect from flaws in the Windows kernel and GNU glibc components." Nothing is infallible, but Microsoft tends to fail more often than the rest and it hides this. ⬆

Recent Techrights' Posts

The LLM Bubble is About to Implode, Gimmicks and Financial Shell Games Cannot Prevent That, Only Delay It: To inflate the bubble MElon is now doing the classic trick of buying from oneself for a fictional value
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, March 30, 2025: IRC logs for Sunday, March 30, 2025
Links 30/03/2025: Security Breaches, Crackdowns on Dissent/Rival Politicians: Links for the day
Gemini Links 30/03/2025: London Soundtrack Festival, Superbloom, gmiCAPTCHA: Links for the day
Phasing Out Vista 10 in Nations Where ~90% of Windows Users Still Rely on It: Recipe for another Microsoft disaster
The Cost of Pursuing the Much-Needed Reform/Shield Against Strategic Lawsuits Against Public Participation (SLAPPs): “It is curious that physical courage should be so common in the world and moral courage so rare.”
Links 30/03/2025: Contagious Ideas, Signal Leak, and Squashing Lousy Patents: Links for the day
Links 30/03/2025: "Quantum Randomness" and "F-1 Visa Revoked" in US: Links for the day
Gemini Links 30/03/2025: US as a Threat, Returning to the WWW: Links for the day
Links 30/03/2025: Judge Blocks Dismantling Of VOA, Turkey Arrested Many Journalists: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, March 29, 2025: IRC logs for Saturday, March 29, 2025
Judges Would Never Rule for Men Who Strangle Women or Against Women Who Merely Wrote Articles About Abuse They Had Received From Men: We don't intend to do "trial by media", so we won't be disclosing claims and defences until it's over
Windows is an Unnatural Disaster, It is Also Avoidable: there's a wide window of opportunity opening
Gemini Links 29/03/2025: Less YouTube and More Station: Links for the day
In Some Countries, Such as Thailand, Firefox is Already Measured at Less Than 2% (One Day Firefox Will Get Blocked, Not Only Lack Support): Web consolidation around Chrom-isms will doom the Web as we know it
Killing the News With Spam and Slop Benefits Those Whose Desire is an Uninformed Population: adoption of Free software depends indirectly on political activities/activism
Links 29/03/2025: Trademarks Battles, Fires Destroy More Than 3,000 South Korean Homes: Links for the day
Open Source Initiative (OSI) Privacy Fiasco in Detail: An Introduction: Perhaps tomorrow or perhaps next week we'll share more information about what happened and what was reported to the California Privacy Protection Agency
Links 29/03/2025: More Crackdowns on Science, "Hey Hi" Slopping is Flopping: Links for the day
IBM's BS (Bait, Switch) Regarding Ways to Stay Onboard: PIPs, RTOs, and forced relocations are just an illusion of choice (or ability to recover)
Costa Rica Almost Bankrupt Because of Microsoft: the incidents in Costa Rica are Windows incidents
Gemini Links 29/03/2025: Art of Looking, Wireguard, EMacs: Links for the day
Links 29/03/2025: Attacks on Social Security and War Updates: Links for the day
Banned evidence: Ars Technica forums censored email predicting DebConf23 death, Abraham Raji & Debian cover-up: Reprinted with permission from Daniel Pocock
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, March 28, 2025: IRC logs for Friday, March 28, 2025