Security vulnerability found in ATM machines running on Windows XP in Russia

  • 0
Security vulnerability found

Security vulnerability found in ATM machines running on Windows XP in Russia

Category : Blog

Security vulnerability found in ATM machines running on Windows XP in Russia. All ATMs that are still running on Microsoft’s 16-year-old Windows XP operating system are at the risk of getting hacked easily, as the OS is no longer supported by the Redmond giant except for emergency security patches (for instance, patch blocking the WannaCry ransomware released this year).

Security vulnerability found

An employee of Russian blogging platform Habrahabr recently discovered that the ATMs operated by the state-owned bank Sberbank running Windows XP has inherent security vulnerabilities that can be easily exploited by hackers.

According to the user, a full-screen lock that prevents access to various components of an ATM operating system could be bypassed by turning on the Sticky Keys when special keys like SHIFT, CTRL, ALT, and WINDOWS were pressed 5 times.

By pressing SHIFT key 5 times in a row, it allowed access to Windows settings and displaying the taskbar and Start menu of the operating system giving users to access deep within Windows XP from the touchscreen. This vulnerability allows hackers to deploy malicious software or modify ATM boot scripts.

According to the German website WinFuture, Sberbank had been informed of this vulnerability almost two weeks ago that there was a security breach at its ATM machine. While the bank promised to fix the problem immediately, the user who discovered the flaw claimed that when he visited the terminal again, he discovered that the bug hadn’t been fixed.

Since the security vulnerability found in ATM machines Microsoft has urged banks to update the latest version of Windows for ATMs to avoid scams or attacks.

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

 RHCE  training

CEH V9  training

Diploma in Network Security Training

Secure Coding in Java

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advanced Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

Digital marketing

CCNA training

Leave a Reply

Show Buttons
Hide Buttons