Why Crackers Prefer Windows on Cash Machines

Dr. Roy Schestowitz

2010-07-29 16:02:31 UTC
Modified: 2010-07-29 16:02:31 UTC

Summary: Windows makes a lot of money for the bad guys, who are exploiting Windows-based ATMs

ATMs that run Windows are running for criminals to take advantage of them. This is a subject that we covered many times before along with examples. See the following older posts for background:

Here is Slashdot's summary about the latest example:

"Windows CE-based ATMs can easily be made to dole out cash, according to security researcher Barnaby Jack. Exploiting bugs in two different ATM machines at Black Hat, the researcher from IOActive was able to get them to spit out money on demand and record sensitive data from the cards of people who used them. Jack believes a large number of ATMs have remote management tools that can be accessed over a telephone. After experimenting with two machines he purchased, Jack developed a way of bypassing the remote authentication system and installing a homemade rootkit, named Scrooge,"

This links to IDG, which says:

The machines Jack hacked were, however, based on Microsoft's Windows CE operating system.

And from ZDNet:

At the Black Hat security conference here, Jack demonstrated two different attacks against Windows CE-based ATMs — a physical attack using a master key purchased on the Web and a USB stick to overwrite the machine’s firmware; and a remote attack that exploited a flaw in the way ATMs authenticate firmware upgrades.

Glyn Moody cannot comprehend such a tactless choice of Windows CE for ATMs. He asks, "why not just leave the notes out in the open?"

It should be no surprise that Google's vulnerabilities in Chrome are sometimes caused by Windows' inherent insecurity and this time for a change, "Google patches Chrome, sidesteps Windows kernel bug," reports IDG. "Microsoft was not available for comment late Tuesday."

It it worth adding that many Firefox flaws are Windows-only as well. Sometimes GNU/Linux is also affected and this new article says that "Google also released workarounds for two vulnerabilities in external components, helping to protect from flaws in the Windows kernel and GNU glibc components." Nothing is infallible, but Microsoft tends to fail more often than the rest and it hides this. ⬆

Recent Techrights' Posts

Libya's Share on the Web: 5.2% GNU/Linux: GNU/Linux has hit an all-time high there
Codecs and Software Patents - Part VI - The European Patent Office, Nokia, Microsoft, Sisvel, and More: Whatever Nokia used to be, it's certainly not an ally and a lot of the turmoil at the EPO is the fault of companies like Nokia
Links 11/05/2026: Another Oracle Setback and Mass Layoffs in Iran: Links for the day
Gemini Links 11/05/2026: Older Can Be Faster and Textmode Workflow: Links for the day
Links 11/05/2026: The Solicitors Regulation Authority (SRA) Admits It Only Reacts When It's Too Late (Damage Already Done), Ombudsman’s Animal Cruelty HK Report: Links for the day
If It Takes You a Second to Serve (or Receive) a Page, That's Definitely Too Slow: For speeds at milliseconds (e.g. for pages to fully load in a tenth of a second) the pages must be ready to be sent as soon as they're requested
It's Not About Speed, It is About Patience and Adherence to Truth, Principles, Scientific Integrity: attacks on us only ever made us stronger - a lesson that our adversaries have learned the hard way
Cyber Show Does it Like Techrights: Static and Gemini Protocol as 'First-Class Citizen': HTML and GemText (over Gemini Protocol) would be rendered in tandem
SLAPP Censorship - Part 73 Out of 200: Microsoft's Graveley and Garrett Remain Closely Connected in May 2026 ("Tag-Teaming" Against Bloggers in Another Continent): The phrase "judge a person by their friends" seems applicable here
Discussions About When the Axe Falls at IBM/Kyndryl (11,000 Layoffs Estimated): "Kyndryl restructuring should reduce overhead functions and reduce the number of managers that lack technical knowledge"
A World After Microsoft (and GAFAM) and After GitHub Shuts Down: the only growth area is debt
Fake News, Propaganda, and Misinformation: Microsoft Investing Money It Does Not Have in "Hey Hi" (for "Entertainment Purposes" Only): This will not end well
Today the Whole European Patent Office (EPO) is on Strike and Next Monday an Even Bigger Strike: the media refuses to cover these and is thus complicit
The Corrupt Lecture the Non-Corrupt - Part IXX - EPO Management Speaks of Reputation and Integrity While Putting Cocaine Addicts in Management: If the EPO values its "reputation", then it needs to start by ousting the management
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, May 10, 2026: IRC logs for Sunday, May 10, 2026
Links 11/05/2026: Security Breaches, Politics, and Energy Crunch: Links for the day
Gemini Links 10/05/2026: "Accidental Cameras" and "Addictive" Interfaces in Social Control Media: Links for the day
Codecs and Software Patents - Part V - A Reminder That GAFAM and the European Patent Office (Which Serves American Monopolists) Do Considerable Harm to the Commons and Culture: some 'breaking' developments
Gemini Links 10/05/2026: Inkscape, Guix, and Alhena 5.5.8: Links for the day
The "Alicante Mafia" at the European Patent Office (EPO) Experiments With New Methods for Crushing Industrial Actions: Open letter to VP1 and the COO [...] What does this tell us about the status quo at the European Patent Office, Europe's second-largest institution?
The Corrupt Lecture the Non-Corrupt - Part XVIII - "The European Patent Office (EPO) has a zero-tolerance policy for fraud" (except when managers do it): The guidebook of the EPO says fraud is not to be tolerated, but who enforces or revisits such "Red Lines"?
Links 10/05/2026: Hantavirus Brings Back 'Contact Tracing' Surveillance, "Staple Food Prices Soar in Iran": Links for the day
Microsoft XBox Staff Know They're in Trouble, They Try to Unionise Ahead of Mass Layoffs: As the slang goes, it's going to be a "bloodbath"
Links 10/05/2026: Fake Suicide Notes and New EU Restrictions on Slop: Links for the day
SLAPP Censorship - Part 72 Out of 200: Microsoft's Graveley and Garrett Signed Documents That Hold Them Accountable to Truth and Liable for Lies: Such collaborations are unsavoury and apparently unprofessional, too
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, May 09, 2026: IRC logs for Saturday, May 09, 2026
Gemini Links 10/05/2026: Travelling to Van and "Dark Mode" as Passing Fad: Links for the day
IBM's Kyndryl Holdings Inc Sank 70-75% in 'Value' in 10 Months, Will IBM Follow?: Kyndryl Holdings Inc now has a debt considerably higher than this company is said to be 'worth'!
Belated Sovereignty: GNU/Linux in Iran Skyrockets to 6% Amid Armed Conflict: unless they're truly in control of their networks, hardware and software, somebody else can control them
Gemini Links 09/05/2026: Liberation, The Nocturnals, Rediscovering Internet Radio, and More: Links for the day
Links 09/05/2026: Kremlin’s Biggest Day of the Year and FBI's Attack on the Media (to Save Face): Links for the day
Google is "Bullshit": Fix your slop, Google. It's broken.
SLAPP Censorship - Part 71 Out of 200: 5RB Barristers Made Tens of Thousands of Pounds by Changing From Plural to Singular for Microsoft's Graveley and Garrett: Could not even get the client's name right
Links 09/05/2026: "Grand Theft Oil Futures" and Mass Layoffs at Verizon: Links for the day
Gemini Links 09/05/2026: Inkscape "Copy Text Style" and NomadNet: Links for the day
The Corrupt Lecture the Non-Corrupt - Part XVII - European Patent Office (EPO) Management Not Sharing Responsibility for Financial Resources: For those who wonder, EPO strikes are still going on
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, May 08, 2026: IRC logs for Friday, May 08, 2026