We have warned several times of risks for ATM running outdated Windows XP operating system. These systems could be easily hacked as recently discovered by an employee of the Russian blogging platform Habrahabr who reported that the ATMs operated by the Sberbank bank running Windows XP are affected by easily exploitable security vulnerabilities.
The user discovered that a full-screen lock that prevents access to various components of an ATM operating system could be bypassed by pressing five times special keys like SHIFT, CTRL, ALT, and WINDOWS.
By pressing the SHIFT key five times it is possible to access the Windows settings and displaying the taskbar and Start menu of the operating system, with this trick users can have access to Windows XP by using the touchscreen.
“Well, I, standing at the terminal of the Savings Bank with a full-sized keyboard and waiting for the operator to answer the phone, decided to press this Shift from boredom, naively believing that without functional keys this would lead to nothing. No matter how it is! Five times quick pressing of this key gave me that very little window, besides revealing the task panel with all the bank software.” wrote the user.
“Stopping the work of the batch file (see the taskbar on the video below), and then all the banking software, you can break the terminal.”
This vulnerability allows hackers to modify ATM boot scripts and install malicious code on the machine.
The users tried to report the issue to the Sberbank contact center, but unfortunately, the operator was not able to help the man and suggested him to contact the support service using the phone number written on the terminal itself.
According to the German website WinFuture, Sberbank had been informed of the security flaw in its ATM almost two weeks ago. The bank confirmed to have immediately fixed the security issue, but the user who discovered the flaw claimed that the issue is still present on the terminal he visited.
“In tech support, a friendly girl after I said that I want to report a vulnerability, immediately switched me to some other specialist. He first asked how to contact me and the terminal number, then on the nature of the problem, then I listened to music for a long time, and, after all, the guy said that the problem is fixed. ” continues the user.
“All this happened on the sixth of December. Two weeks later I decided to check that there is a terminal. Still, after all, they said that they “fixed” the problem, probably they should have already eliminated it, but no – it’s still there, the window still pops up.”
Security experts urge financial institutions to update the latest version of Windows for their ATMs.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – ATMs, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
A critical vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and…
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement…
Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals…
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over…
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
This website uses cookies.