Close Menu
Technotification
    Facebook X (Twitter) Instagram
    Facebook X (Twitter) Instagram
    Technotification
    • Home
    • News
    • How To
    • Explained
    • Facts
    • Lists
    • Programming
    • Security
    • Gaming
    Technotification
    Home › Security › Windows XP ATMs can be hacked by just an sms

    Windows XP ATMs can be hacked by just an sms

    By Vikram Singh RaoFebruary 27, 2016
    Facebook Twitter Reddit LinkedIn
    Windows XP atm hacked

    We already know that Microsoft’s support for  windows XP has been ended on 8th April of this year , apparently 95% of the world’s 3 million ATM machines are runnnig on it. Microsoft’s decision to withdraw support for Windows XP poses critical security threat to the economic infrastructure worldwide.
    Security researchers at Antivirus firm Symantec claimed that hackers can exploit a weakness in Windows XP based ATMs, that allow them to withdraw cash simply by sending an SMS to compromised ATMs.

    What was interesting about this variant of Ploutus was that it allowed cybercriminals to simply send an SMS to the compromised ATM, then walk up and collect the dispensed cash. It may seem incredible, but this technique is being used in a number of places across the world at this time. researchers said.

    According to researchers – In 2013, they detected a malware named Backdoor. Ploutus, installed on ATMs in Mexico, which is designed to rob a certain type of standalone ATM with just the text messages.
    To install the malware into ATMs machines, hacker must connect the ATM to a mobile phone via USB tethering and then to initiate a shared Internet connection, which then can be used to send specific SMS commands to the phone attached or hardwired inside the ATM.

    Since the phone is connected to the ATM through the USB port, the phone also draws power from the connection, which charges the phone battery. As a result, the phone will remain powered up indefinitely.

    How it is Possible ?

    • Connect a mobile phone to the machine with a USB cable and install Ploutus Malware.
    • The attacker sends two SMS messages to the mobile phone inside the AT

    SMS 1 contains a valid activation ID to activate the malware.
    SMS 2 contains a valid dispense command to get the money out.

    • Mobile attached inside the ATM detects valid incoming SMS messages and forwards them to the ATM as a TCP or UDP packet.
    • Network packet monitor (NPM) module coded in the malware receives the TCP/UDP packet and if it contains a valid command, it will execute Ploutus
    • Amount for Cash withdrawal is pre-configured inside the malware
    • Finally, the hacker can collect cash from the hacked ATM machine.
    • Researchers have detected few more advanced variants of this malware, some attempts to steal customer card and PIN data, while others attempt man-in-the-middle attacks.
    • This malware is now spreading to other countries, so you are recommended to pay extra attention and remain cautious while using an ATM.
    Share. Facebook Twitter LinkedIn Tumblr Reddit Telegram WhatsApp
    Vikram Singh Rao
    • Website
    • Facebook
    • X (Twitter)
    • LinkedIn

    I am an entrepreneur at heart who has made his hobby turned a passion, his profession now.

    Related Posts

    The Psychology of a Phishing Email: How Scammers Play with Your Mind

    July 16, 2024

    9 Essential Elements of a Strong Cyber Security Management System

    July 3, 2024

    Common Cyber Attacks and How to Prevent Them

    July 3, 2024

    How Cyber Security Paid Training Prepares You for Real-World Threats

    June 13, 2024

    The Role of Security in Server Colocation Environments

    March 12, 2024

    Navigating the Waters: Best Practices for Phishing Testing in 2024

    February 19, 2024
    Lists You May Like

    10 Sites to Watch Free Korean Drama [2025 Edition]

    January 2, 2025

    The Pirate Bay Proxy List in 2025 [Updated List]

    January 2, 2025

    10 Best RARBG Alternative Sites in April 2025 [Working Links]

    April 1, 2025

    10 Best Torrent Search Engine Sites (2025 Edition)

    February 12, 2025

    10 Best GTA V Roleplay Servers in 2025 (Updated List)

    January 6, 2025

    5 Best Torrent Sites for Software in 2025

    January 2, 2025

    1337x Alternatives, Proxies, and Mirror Sites in 2025

    January 2, 2025

    10 Best Torrent Sites for eBooks in 2025 [Working]

    January 2, 2025

    10 Best Anime Torrent Sites in 2025 [Working Sites]

    January 6, 2025

    Top Free Photo Editing Software For PC in 2025

    January 2, 2025
    Pages
    • About
    • Contact
    • Privacy
    • Careers
    Privacy

    Information such as the type of browser being used, its operating system, and your IP address is gathered in order to enhance your online experience.

    © 2013 - 2025 Technotification | All rights reserved.

    Type above and press Enter to search. Press Esc to cancel.