Microsoft has planned quit from its online support and releasing security updates. Since most of ATM machines run Windows XP, the Microsoft’s decision can bring whole banking sector at stake. Windows XP is due for an “end of life and support retirement” on April 8, 2014.
According to Symantec Researchers, 95& of ATM, computer system that control access to funds, are still on archiac XP systems. For this matter, Microsoft has already expressed its concerns by calling it a “0day forever”. Yet the banking sector seemed to have paid no heed. Priorly, Redmond security researchers had also pleaded the banks to upgrade XP to more secure systems.
Unfortunately, all their vocals went unnoticed. According to Symantec, once Microsoft ends releasing its security updates for Win Xp, tricking ATMs into spitting out cash will be “an sms away” for hackers. Symantec told that a backdoor Plotus and its successor, more improved, Plotus-B will do that job for hackers.
Both of these malwares are already available in Black Markets. This backdoor can be installed and executed on ATMs quite easily. By attaching a mobile phone through USB, a hacker can command an ATM to execute backdoor subsequently enabling the hacker to drop out the cash.On the top of that, this malware can steal user data and PIN number by performing Man-in-the-middle attack. Symantec suggests that this threat can be overcome by upgrading operating system, CCTV monitoring and by full disk encryption.
View full post on Who Got Hacked – Latest Hacking News and Security Updates